Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set up ScopedRateThrottle for endpoint-specific rate limits #3581

Merged
merged 3 commits into from
Nov 12, 2024
Merged

Set up ScopedRateThrottle for endpoint-specific rate limits #3581

merged 3 commits into from
Nov 12, 2024

Conversation

jstvz
Copy link
Contributor

@jstvz jstvz commented Nov 7, 2024

PR #3544 disabled ratelimiting for AdminAPI views. This change improves control over rate limits and helps prevent over-throttling.

  • Removed global throttles (AnonRateThrottle, UserRateThrottle)
  • Added ScopedRateThrottle to control rate limits per endpoint
  • Defined custom rate to protect AdminAPI endpoints from DoS

@W-17141510

@jstvz
fix: Update node and CI workflows
112e40a 
- Update node version to latest LTS
- Copy/paste pyjs dockerfile
- temporarily ignore optional deps
- Pytest no longer on PATH
- Ignore tsc error
- Remove coverage step
- suppress eslint errors
@jstvz jstvz changed the base branch from main to build-fix November 12, 2024 00:00
@jstvz
Set up ScopedRateThrottle for endpoint-specific rate limits
60a5571 
PR #3544 disabled ratelimiting for AdminAPI views. This change improves
control over rate limits and helps prevent over-throttling.

- Removed global throttles (`AnonRateThrottle`, `UserRateThrottle`)
- Added `ScopedRateThrottle` to control rate limits per endpoint
- Defined custom rate to protect AdminAPI endpoints from DoS

@W-17141510
@jstvz jstvz force-pushed the admin-api-rate-limits branch from 461ed65 to 60a5571 Compare November 12, 2024 00:00
@jstvz jstvz marked this pull request as ready for review November 12, 2024 00:01
@jstvz jstvz requested a review from a team as a code owner November 12, 2024 00:01
@jstvz jstvz requested a review from vsbharath November 12, 2024 00:01
vsbharath
vsbharath previously approved these changes Nov 12, 2024
View reviewed changes
Base automatically changed from build-fix to main November 12, 2024 01:59
@jstvz jstvz dismissed vsbharath’s stale review November 12, 2024 01:59

The base branch was changed.

@jstvz jstvz enabled auto-merge (squash) November 12, 2024 02:00
@jstvz jstvz disabled auto-merge November 12, 2024 03:23
@jstvz jstvz merged commit f13303e into main Nov 12, 2024
5 checks passed
@jstvz jstvz deleted the admin-api-rate-limits branch November 12, 2024 03:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vsbharath vsbharath vsbharath left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jstvz @vsbharath