Increasing rate limiting (#539)

* Increassing rate limiting * Fixing test
cds-snc · Jun 12, 2024 · 552ac10 · 552ac10
1 parent a9f8e24
commit 552ac10
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/app/server/server.py b/app/server/server.py
@@ -198,7 +198,7 @@ async def user(request: Request):
 # Geolocate route. Returns the country, city, latitude, and longitude of the IP address.
 # If we have a custom header of 'X-Sentinel-Source', then we skip rate limiting so that Sentinel is not rate limited
 @handler.get("/geolocate/{ip}")
-@limiter.limit("10/minute", key_func=sentinel_key_func)
+@limiter.limit("20/minute", key_func=sentinel_key_func)
 def geolocate(ip, request: Request):
     reader = maxmind.geolocate(ip)
     if isinstance(reader, str):
@@ -327,7 +327,7 @@ def handle_webhook(id: str, payload: WebhookPayload | str, request: Request):
 # Route53 uses this as a healthcheck every 30 seconds and the alb uses this as a checkpoint every 10 seconds.
 # As a result, we are giving a generous rate limit of so that we don't run into any issues with the healthchecks
 @handler.get("/version")
-@limiter.limit("15/minute")
+@limiter.limit("50/minute")
 def get_version(request: Request):
     return {"version": os.environ.get("GIT_SHA", "unknown")}
 

diff --git a/app/tests/server/test_server.py b/app/tests/server/test_server.py
@@ -591,7 +591,7 @@ async def test_geolocate_rate_limiting():
             return_value=("Country", "City", 12.34, 56.78),
         ):
             # Make 10 requests to the geolocate endpoint
-            for _ in range(10):
+            for _ in range(20):
                 response = await client.get("/geolocate/8.8.8.8")
                 assert response.status_code == 200
                 assert response.json() == {
@@ -601,7 +601,7 @@ async def test_geolocate_rate_limiting():
                     "longitude": 56.78,
                 }
 
-            # The 11th request should be rate limited
+            # The 21th request should be rate limited
             response = await client.get("/geolocate/8.8.8.8")
             assert response.status_code == 429
             assert response.json() == {"message": "Rate limit exceeded"}
@@ -634,11 +634,11 @@ async def test_webhooks_rate_limiting():
 async def test_version_rate_limiting():
     async with AsyncClient(app=app, base_url="http://test") as client:
         # Make 5 requests to the version endpoint
-        for _ in range(15):
+        for _ in range(50):
             response = await client.get("/version")
             assert response.status_code == 200
 
-        # The 6th request should be rate limited
+        # The 51th request should be rate limited
         response = await client.get("/version")
         assert response.status_code == 429
         assert response.json() == {"message": "Rate limit exceeded"}