~evanj/cms

7092668b038fb5c831981d303f6553b94b9c0bf8 — Evan M Jones 1 year, 2 months ago 7bc6c63
Fix(rate limiting): Don't rely on MySQL time zone for rate limit
checking.
2 files changed, 6 insertions(+), 6 deletions(-)

M internal/s/db/action.go
M internal/s/rl/rl.go
M internal/s/db/action.go => internal/s/db/action.go +2 -2
@@ 6,8 6,8 @@ import (
	"git.sr.ht/~evanj/cms/internal/m/org"
)

func (db *DB) ActionNew(o org.Org) error {
	_, err := db.Exec("INSERT INTO cms_action (ORG_ID) VALUES (?)", o.ID())
func (db *DB) ActionNew(o org.Org, at time.Time) error {
	_, err := db.Exec("INSERT INTO cms_action (ORG_ID, AT) VALUES (?, ?)", o.ID(), at.Format("2006-01-02 03:04:05"))
	return err
}


M internal/s/rl/rl.go => internal/s/rl/rl.go +4 -4
@@ 44,14 44,14 @@ func New(l *log.Logger, db *cache.Cache) RL {
// Limit requests made.

func (rl RL) requestLimit(o org.Org) error {
	now := time.Now().UTC()

	limit, ok := requestLimits[o.Tier().Name]
	if !ok {
		// If not in map, unlimited.
		return rl.db.ActionNew(o)
		return rl.db.ActionNew(o, now)
	}

	// TODO: Time zone?
	now := time.Now()
	c, err := rl.db.ActionGetCount(o, now.Add(-1*time.Minute), now)
	if err != nil {
		return err


@@ 61,7 61,7 @@ func (rl RL) requestLimit(o org.Org) error {
		return ErrHitLimit
	}

	return rl.db.ActionNew(o)
	return rl.db.ActionNew(o, now)
}

func (rl RL) UserGet(username, password string) (user.User, error) {