arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(server): add per-IP rate limit middleware on /api/v1/greet (#22)
All checks were successful
CI/CD Pipeline / Build Docker Cache (push) Successful in 1m3s
Details
CI/CD Pipeline / CI Pipeline (push) Successful in 4m4s
Details
CI/CD Pipeline / Trigger Docker Push (push) Successful in 6s
Details

Browse Source 
Phase 1 of ADR-0022. In-memory per-IP rate limiter on golang.org/x/time/rate. Returns 429 with Retry-After when exceeded. 7 unit tests pass. BDD scenario @skip until testserver rework. Closes #13.

~95% Mistral Vibe autonomous via ICM workspace. Cost ~6.5€ (T5 + resume + trainer commit/PR).

Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
This commit was merged in pull request #22.
This commit is contained in:
Gabriel Radureau
2026-05-03 13:16:29 +02:00
committed by arcodange
parent 9cf6e7f1c4
commit 54dd0cc80f
10 changed files with 667 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
pkg/server/server.go
View File

@@ -13,12 +13,13 @@ import (
"time"
"github.com/go-chi/chi/v5"
"github.com/go-chi/chi/v5/middleware"
chimiddleware "github.com/go-chi/chi/v5/middleware"
"github.com/rs/zerolog/log"
httpSwagger "github.com/swaggo/http-swagger"
"dance-lessons-coach/pkg/config"
"dance-lessons-coach/pkg/greet"
"dance-lessons-coach/pkg/middleware"
"dance-lessons-coach/pkg/telemetry"
"dance-lessons-coach/pkg/user"
userapi "dance-lessons-coach/pkg/user/api"
@@ -125,7 +126,7 @@ func initializeUserServices(cfg *config.Config) (user.UserRepository, user.UserS
func (s *Server) setupRoutes() {
// Use Zerolog middleware instead of Chi's default logger
s.router.Use(middleware.RequestLogger(&middleware.DefaultLogFormatter{
s.router.Use(chimiddleware.RequestLogger(&chimiddleware.DefaultLogFormatter{
Logger: &log.Logger,
NoColor: false,
}))
@@ -177,6 +178,13 @@ func (s *Server) registerApiV1Routes(r chi.Router) {
greetService := greet.NewService()
greetHandler := greet.NewApiV1GreetHandler(greetService)
// Create rate limit middleware
rateLimitMiddleware := middleware.NewRateLimiter(middleware.RateLimitConfig{
Enabled: s.config.GetRateLimitEnabled(),
RequestsPerMinute: s.config.GetRateLimitRequestsPerMinute(),
BurstSize: s.config.GetRateLimitBurstSize(),
})
// Create auth middleware if available
var authMiddleware *AuthMiddleware
if s.userService != nil {
@@ -184,6 +192,8 @@ func (s *Server) registerApiV1Routes(r chi.Router) {
}
r.Route("/greet", func(r chi.Router) {
// Add rate limiting middleware for greet endpoint
r.Use(rateLimitMiddleware.Middleware)
// Add optional authentication middleware
if authMiddleware != nil {
r.Use(authMiddleware.Middleware)
@@ -220,8 +230,8 @@ func (s *Server) registerApiV2Routes(r chi.Router) {
// getAllMiddlewares returns all middleware including OpenTelemetry if enabled
func (s *Server) getAllMiddlewares() []func(http.Handler) http.Handler {
middlewares := []func(http.Handler) http.Handler{
middleware.StripSlashes,
middleware.Recoverer,
chimiddleware.StripSlashes,
chimiddleware.Recoverer,
}
if s.withOTEL {