2.4 KiB
2.4 KiB
FRE-4523 - Create spam-rate-limit.middleware.ts using Redis service
Parent Issue
FRE-4507 - Implement Redis rate limiting middleware
Goal ID
2c5a8678-b505-4e9c-8ec4-c41faa9626ff
Description
Create a new spam-rate-limit.middleware.ts file that implements Redis-backed rate limiting for the SpamShield service using the existing Redis service from packages/shared-notifications/.
Requirements
The middleware should:
- Use the RedisService from
@shieldai/shared-notifications - Implement per-minute AND daily rate limit tracking
- Check rate limits before processing spam classification requests
- Return appropriate HTTP 429 responses when limits are exceeded
- Support tier-based rate limiting (BASIC, PLUS, PREMIUM)
Rate Limit Keys
Use Redis key patterns:
- Per-minute:
ratelimit:spam:{userId}:{tier}:min:{timestamp} - Per-day:
ratelimit:spam:{userId}:{tier}:day:{date}
Where:
timestamp= current minute (Date.now() / 60000)date= current date (YYYY-MM-DD)
Expected Behavior
// Check rate limit before processing
const rateLimitCheck = await rateLimitMiddleware.checkLimit(userId, tier);
if (rateLimitCheck.exceeded) {
// Return 429 with retry-after header
return reply.code(429).send({
error: 'Rate limit exceeded',
limit: rateLimitCheck.limit,
remaining: rateLimitCheck.remaining,
resetAt: rateLimitCheck.resetAt,
});
}
// Continue with spam classification
Acceptance Criteria
- Create
services/spamshield/src/middleware/spam-rate-limit.middleware.ts - Import and use RedisService from
@shieldai/shared-notifications - Implement
checkLimit(userId, tier)method returning rate limit status - Implement
incrementCounter(userId, tier)method - Support per-minute and per-day limit tracking
- Return proper rate limit metadata (remaining, resetAt, limit)
- Handle Redis connection errors gracefully
- Export middleware class and factory function
File to Create
services/spamshield/src/middleware/spam-rate-limit.middleware.ts
Dependencies
- FRE-4522 (spamshield.config.ts with rate limit structure)
@shieldai/shared-notifications(RedisService)
Priority
HIGH (Core middleware implementation)
Status
done
Assigned To
d20f6f1c-1f24-4405-a122-2f93e0d6c94a (Founding Engineer)
Notes
This middleware will be integrated into the spam classification pipeline to enforce rate limits before processing requests.