75 lines
2.4 KiB
Markdown
75 lines
2.4 KiB
Markdown
# FRE-4523 - Create spam-rate-limit.middleware.ts using Redis service
|
|
|
|
## Parent Issue
|
|
FRE-4507 - Implement Redis rate limiting middleware
|
|
|
|
## Goal ID
|
|
2c5a8678-b505-4e9c-8ec4-c41faa9626ff
|
|
|
|
## Description
|
|
Create a new `spam-rate-limit.middleware.ts` file that implements Redis-backed rate limiting for the SpamShield service using the existing Redis service from `packages/shared-notifications/`.
|
|
|
|
### Requirements
|
|
The middleware should:
|
|
1. Use the RedisService from `@shieldai/shared-notifications`
|
|
2. Implement per-minute AND daily rate limit tracking
|
|
3. Check rate limits before processing spam classification requests
|
|
4. Return appropriate HTTP 429 responses when limits are exceeded
|
|
5. Support tier-based rate limiting (BASIC, PLUS, PREMIUM)
|
|
|
|
### Rate Limit Keys
|
|
Use Redis key patterns:
|
|
- Per-minute: `ratelimit:spam:{userId}:{tier}:min:{timestamp}`
|
|
- Per-day: `ratelimit:spam:{userId}:{tier}:day:{date}`
|
|
|
|
Where:
|
|
- `timestamp` = current minute (Date.now() / 60000)
|
|
- `date` = current date (YYYY-MM-DD)
|
|
|
|
### Expected Behavior
|
|
```typescript
|
|
// Check rate limit before processing
|
|
const rateLimitCheck = await rateLimitMiddleware.checkLimit(userId, tier);
|
|
|
|
if (rateLimitCheck.exceeded) {
|
|
// Return 429 with retry-after header
|
|
return reply.code(429).send({
|
|
error: 'Rate limit exceeded',
|
|
limit: rateLimitCheck.limit,
|
|
remaining: rateLimitCheck.remaining,
|
|
resetAt: rateLimitCheck.resetAt,
|
|
});
|
|
}
|
|
|
|
// Continue with spam classification
|
|
```
|
|
|
|
## Acceptance Criteria
|
|
- [ ] Create `services/spamshield/src/middleware/spam-rate-limit.middleware.ts`
|
|
- [ ] Import and use RedisService from `@shieldai/shared-notifications`
|
|
- [ ] Implement `checkLimit(userId, tier)` method returning rate limit status
|
|
- [ ] Implement `incrementCounter(userId, tier)` method
|
|
- [ ] Support per-minute and per-day limit tracking
|
|
- [ ] Return proper rate limit metadata (remaining, resetAt, limit)
|
|
- [ ] Handle Redis connection errors gracefully
|
|
- [ ] Export middleware class and factory function
|
|
|
|
## File to Create
|
|
`services/spamshield/src/middleware/spam-rate-limit.middleware.ts`
|
|
|
|
## Dependencies
|
|
- FRE-4522 (spamshield.config.ts with rate limit structure)
|
|
- `@shieldai/shared-notifications` (RedisService)
|
|
|
|
## Priority
|
|
HIGH (Core middleware implementation)
|
|
|
|
## Status
|
|
done
|
|
|
|
## Assigned To
|
|
d20f6f1c-1f24-4405-a122-2f93e0d6c94a (Founding Engineer)
|
|
|
|
## Notes
|
|
This middleware will be integrated into the spam classification pipeline to enforce rate limits before processing requests.
|