From 5f0f1c663f88448d62b4cde944ac1f8fc0e69a44 Mon Sep 17 00:00:00 2001 From: Zach Margolis Date: Thu, 3 Nov 2022 18:10:40 -0700 Subject: [PATCH 1/3] Use a connection pool for Rack::Attack's redis cache --- config/initializers/rack_attack.rb | 1 + spec/config/initializers/rack_attack_spec.rb | 9 +++++++++ spec/requests/rack_attack_spec.rb | 10 ++++++++-- 3 files changed, 18 insertions(+), 2 deletions(-) create mode 100644 spec/config/initializers/rack_attack_spec.rb diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb index de8e705cab5..30829de022b 100644 --- a/config/initializers/rack_attack.rb +++ b/config/initializers/rack_attack.rb @@ -36,6 +36,7 @@ def headers namespace: 'rack-attack', url: IdentityConfig.store.redis_throttle_url, expires_in: 2.weeks.to_i, + pool_size: IdentityConfig.store.redis_throttle_pool_size, ) ### Configure Safelisting ### diff --git a/spec/config/initializers/rack_attack_spec.rb b/spec/config/initializers/rack_attack_spec.rb new file mode 100644 index 00000000000..ab7da7f9b0b --- /dev/null +++ b/spec/config/initializers/rack_attack_spec.rb @@ -0,0 +1,9 @@ +require 'rails_helper' + +RSpec.describe Rack::Attack do + describe '::cache.store' do + it 'is a pool, not just a plain redis instance' do + expect(Rack::Attack.cache.store.redis).to be_kind_of(ConnectionPool) + end + end +end \ No newline at end of file diff --git a/spec/requests/rack_attack_spec.rb b/spec/requests/rack_attack_spec.rb index c186f48f0fe..4123df71fc0 100644 --- a/spec/requests/rack_attack_spec.rb +++ b/spec/requests/rack_attack_spec.rb @@ -1,8 +1,14 @@ require 'rails_helper' describe 'throttling requests' do - before(:all) { Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new } - before(:each) { Rack::Attack.cache.store.clear } + around do |ex| + original_store = Rack::Attack.cache.store + Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new + Rack::Attack.cache.store.clear + ex.run + ensure + Rack::Attack.cache.store = original_store + end let(:requests_per_ip_limit) { IdentityConfig.store.requests_per_ip_limit } let(:logins_per_ip_limit) { IdentityConfig.store.logins_per_ip_limit } From 7f45163071cca7c48d58c73398da67eefab9293a Mon Sep 17 00:00:00 2001 From: Zach Margolis Date: Fri, 4 Nov 2022 11:12:58 -0700 Subject: [PATCH 2/3] [skip changelog] From c991e200cef0f7ce3b553fdad3090a39982412e6 Mon Sep 17 00:00:00 2001 From: Zach Margolis Date: Fri, 4 Nov 2022 13:31:21 -0700 Subject: [PATCH 3/3] newline --- spec/config/initializers/rack_attack_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/config/initializers/rack_attack_spec.rb b/spec/config/initializers/rack_attack_spec.rb index ab7da7f9b0b..c3b20295db2 100644 --- a/spec/config/initializers/rack_attack_spec.rb +++ b/spec/config/initializers/rack_attack_spec.rb @@ -6,4 +6,4 @@ expect(Rack::Attack.cache.store.redis).to be_kind_of(ConnectionPool) end end -end \ No newline at end of file +end