arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(server): add per-IP rate limit middleware on /api/v1/greet (#22)
All checks were successful
CI/CD Pipeline / Build Docker Cache (push) Successful in 1m3s
Details
CI/CD Pipeline / CI Pipeline (push) Successful in 4m4s
Details
CI/CD Pipeline / Trigger Docker Push (push) Successful in 6s
Details

Browse Source 
Phase 1 of ADR-0022. In-memory per-IP rate limiter on golang.org/x/time/rate. Returns 429 with Retry-After when exceeded. 7 unit tests pass. BDD scenario @skip until testserver rework. Closes #13.

~95% Mistral Vibe autonomous via ICM workspace. Cost ~6.5€ (T5 + resume + trainer commit/PR).

Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
This commit was merged in pull request #22.
This commit is contained in:
Gabriel Radureau
2026-05-03 13:16:29 +02:00
committed by arcodange
parent 9cf6e7f1c4
commit 54dd0cc80f
10 changed files with 667 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
pkg/config/config.go
View File

@@ -27,6 +27,7 @@ type Config struct {
API APIConfig `mapstructure:"api"`
Auth AuthConfig `mapstructure:"auth"`
Database DatabaseConfig `mapstructure:"database"`
RateLimit RateLimitConfig `mapstructure:"rate_limit"`
}
// ServerConfig holds server-related configuration
@@ -97,6 +98,13 @@ type DatabaseConfig struct {
ConnMaxLifetime time.Duration `mapstructure:"conn_max_lifetime"`
}
// RateLimitConfig holds rate limiting configuration
type RateLimitConfig struct {
Enabled bool `mapstructure:"enabled"`
RequestsPerMinute int `mapstructure:"requests_per_minute"`
BurstSize int `mapstructure:"burst_size"`
}
// VersionInfo holds application version information
type VersionInfo struct {
Version string `mapstructure:"-"` // Set via ldflags
@@ -189,6 +197,11 @@ func LoadConfig() (*Config, error) {
// API defaults
v.SetDefault("api.v2_enabled", false)
// Rate limit defaults
v.SetDefault("rate_limit.enabled", true)
v.SetDefault("rate_limit.requests_per_minute", 60)
v.SetDefault("rate_limit.burst_size", 10)
// Auth defaults
v.SetDefault("auth.jwt_secret", "default-secret-key-please-change-in-production")
v.SetDefault("auth.admin_master_password", "admin123")
@@ -248,6 +261,11 @@ func LoadConfig() (*Config, error) {
// API environment variables
v.BindEnv("api.v2_enabled", "DLC_API_V2_ENABLED")
// Rate limit environment variables
v.BindEnv("rate_limit.enabled", "DLC_RATE_LIMIT_ENABLED")
v.BindEnv("rate_limit.requests_per_minute", "DLC_RATE_LIMIT_REQUESTS_PER_MINUTE")
v.BindEnv("rate_limit.burst_size", "DLC_RATE_LIMIT_BURST_SIZE")
// Database environment variables
v.BindEnv("database.host", "DLC_DATABASE_HOST")
v.BindEnv("database.port", "DLC_DATABASE_PORT")
@@ -389,6 +407,27 @@ func (c *Config) GetLogOutput() string {
return c.Logging.Output
}
// GetRateLimitEnabled returns whether rate limiting is enabled
func (c *Config) GetRateLimitEnabled() bool {
return c.RateLimit.Enabled
}
// GetRateLimitRequestsPerMinute returns the requests per minute limit
func (c *Config) GetRateLimitRequestsPerMinute() int {
if c.RateLimit.RequestsPerMinute <= 0 {
return 60
}
return c.RateLimit.RequestsPerMinute
}
// GetRateLimitBurstSize returns the burst size for rate limiting
func (c *Config) GetRateLimitBurstSize() int {
if c.RateLimit.BurstSize <= 0 {
return 10
}
return c.RateLimit.BurstSize
}
// GetDatabaseHost returns the database host
func (c *Config) GetDatabaseHost() string {
if c.Database.Host == "" {