Mike/ShieldAI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Auto-commit 2026-05-02 09:37

Browse Source
This commit is contained in:
Michael Freno
2026-05-02 09:37:30 -04:00
parent b6b0f86d73
commit fe754761d9
15 changed files with 674 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
plans/FRE-4523-rate-limit-middleware.md Normal file
View File

@@ -0,0 +1,74 @@
# FRE-4523 - Create spam-rate-limit.middleware.ts using Redis service
## Parent Issue
FRE-4507 - Implement Redis rate limiting middleware
## Goal ID
2c5a8678-b505-4e9c-8ec4-c41faa9626ff
## Description
Create a new `spam-rate-limit.middleware.ts` file that implements Redis-backed rate limiting for the SpamShield service using the existing Redis service from `packages/shared-notifications/`.
### Requirements
The middleware should:
1. Use the RedisService from `@shieldai/shared-notifications`
2. Implement per-minute AND daily rate limit tracking
3. Check rate limits before processing spam classification requests
4. Return appropriate HTTP 429 responses when limits are exceeded
5. Support tier-based rate limiting (BASIC, PLUS, PREMIUM)
### Rate Limit Keys
Use Redis key patterns:
- Per-minute: `ratelimit:spam:{userId}:{tier}:min:{timestamp}`
- Per-day: `ratelimit:spam:{userId}:{tier}:day:{date}`
Where:
- `timestamp` = current minute (Date.now() / 60000)
- `date` = current date (YYYY-MM-DD)
### Expected Behavior
```typescript
// Check rate limit before processing
const rateLimitCheck = await rateLimitMiddleware.checkLimit(userId, tier);
if (rateLimitCheck.exceeded) {
// Return 429 with retry-after header
return reply.code(429).send({
error: 'Rate limit exceeded',
limit: rateLimitCheck.limit,
remaining: rateLimitCheck.remaining,
resetAt: rateLimitCheck.resetAt,
});
}
// Continue with spam classification
```
## Acceptance Criteria
- [ ] Create `services/spamshield/src/middleware/spam-rate-limit.middleware.ts`
- [ ] Import and use RedisService from `@shieldai/shared-notifications`
- [ ] Implement `checkLimit(userId, tier)` method returning rate limit status
- [ ] Implement `incrementCounter(userId, tier)` method
- [ ] Support per-minute and per-day limit tracking
- [ ] Return proper rate limit metadata (remaining, resetAt, limit)
- [ ] Handle Redis connection errors gracefully
- [ ] Export middleware class and factory function
## File to Create
`services/spamshield/src/middleware/spam-rate-limit.middleware.ts`
## Dependencies
- FRE-4522 (spamshield.config.ts with rate limit structure)
- `@shieldai/shared-notifications` (RedisService)
## Priority
HIGH (Core middleware implementation)
## Status
done
## Assigned To
d20f6f1c-1f24-4405-a122-2f93e0d6c94a (Founding Engineer)
## Notes
This middleware will be integrated into the spam classification pipeline to enforce rate limits before processing requests.