arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(server): add per-IP rate limit middleware on /api/v1/greet (#22)
All checks were successful
CI/CD Pipeline / Build Docker Cache (push) Successful in 1m3s
Details
CI/CD Pipeline / CI Pipeline (push) Successful in 4m4s
Details
CI/CD Pipeline / Trigger Docker Push (push) Successful in 6s
Details

Browse Source 
Phase 1 of ADR-0022. In-memory per-IP rate limiter on golang.org/x/time/rate. Returns 429 with Retry-After when exceeded. 7 unit tests pass. BDD scenario @skip until testserver rework. Closes #13.

~95% Mistral Vibe autonomous via ICM workspace. Cost ~6.5€ (T5 + resume + trainer commit/PR).

Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
This commit was merged in pull request #22.
This commit is contained in:
Gabriel Radureau
2026-05-03 13:16:29 +02:00
committed by arcodange
parent 9cf6e7f1c4
commit 54dd0cc80f
10 changed files with 667 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
pkg/bdd/steps/steps.go
View File

@@ -16,6 +16,7 @@ type StepContext struct {
commonSteps *CommonSteps
jwtRetentionSteps *JWTRetentionSteps
configSteps *ConfigSteps
rateLimitSteps *RateLimitSteps
}
// NewStepContext creates a new step context
@@ -28,6 +29,7 @@ func NewStepContext(client *testserver.Client) *StepContext {
commonSteps: NewCommonSteps(client),
jwtRetentionSteps: NewJWTRetentionSteps(client),
configSteps: NewConfigSteps(client),
rateLimitSteps: NewRateLimitSteps(client),
}
}
@@ -62,6 +64,9 @@ func SetScenarioKeyForAllSteps(sc *StepContext, key string) {
if sc.commonSteps != nil {
sc.commonSteps.SetScenarioKey(key)
}
if sc.rateLimitSteps != nil {
sc.rateLimitSteps.SetScenarioKey(key)
}
}
}
@@ -294,6 +299,15 @@ func InitializeAllSteps(ctx *godog.ScenarioContext, client *testserver.Client, s
ctx.Step(`^the audit entry should contain the previous and new values$`, sc.configSteps.theAuditEntryShouldContainThePreviousAndNewValues)
ctx.Step(`^the audit entry should contain the timestamp of the change$`, sc.configSteps.theAuditEntryShouldContainTheTimestampOfTheChange)
// Rate limit steps
ctx.Step(`^the server is running with rate limit set to (\d+) requests per minute and burst (\d+)$`, sc.rateLimitSteps.theServerIsRunningWithRateLimitSetTo)
ctx.Step(`^I make (\d+) requests to "([^"]*)"$`, sc.rateLimitSteps.iMakeNRequestsTo)
ctx.Step(`^all responses should have status (\d+)$`, sc.rateLimitSteps.allResponsesShouldHaveStatus)
ctx.Step(`^I make 1 more request to "([^"]*)"$`, sc.rateLimitSteps.iMakeOneMoreRequestTo)
ctx.Step(`^the response should have status (\d+)$`, sc.rateLimitSteps.theResponseShouldHaveStatus)
ctx.Step(`^the response body should contain "([^"]*)"$`, sc.rateLimitSteps.theResponseBodyShouldContain)
ctx.Step(`^the response should have header "([^"]*)"$`, sc.rateLimitSteps.theResponseShouldHaveHeader)
// Common steps
ctx.Step(`^the response should be "{\\"([^"]*)":\\"([^"]*)"}"$`, sc.commonSteps.theResponseShouldBe)
ctx.Step(`^the response should contain error "([^"]*)"$`, sc.commonSteps.theResponseShouldContainError)