package ratelimit
import (
"github.com/redis/go-redis/v9"
"go.uber.org/zap"
"codeberg.org/mapleopentech/monorepo/cloud/maplepress-backend/config"
)
// ProvideRateLimiter is the dependency-injection provider for the rate limiter
// used on registration endpoints.
//
// The request budget and window come from cfg.RateLimit
// (RegistrationMaxRequests and RegistrationWindow), and the limiter is given
// the "ratelimit:registration" key prefix, which differs from the prefixes
// used by the other providers in this file.
//
// NOTE(review): the configured values are passed through unchecked here. How
// NewRateLimiter treats a zero MaxRequests or Window is not visible from this
// file; confirm that a missing setting cannot leave the endpoint unthrottled.
func ProvideRateLimiter(redisClient *redis.Client, cfg *config.Config, logger *zap.Logger) RateLimiter {
	return NewRateLimiter(redisClient, Config{
		KeyPrefix:   "ratelimit:registration",
		Window:      cfg.RateLimit.RegistrationWindow,
		MaxRequests: cfg.RateLimit.RegistrationMaxRequests,
	}, logger)
}
// ProvideGenericRateLimiter is the dependency-injection provider for the rate
// limiter on generic CRUD endpoints (mitigation for CWE-770, allocation of
// resources without limits or throttling).
//
// It is meant for authenticated endpoints such as tenant/user/site management
// and admin endpoints. Strategy: user-based limiting, keyed on the
// authenticated user ID taken from the JWT.
//
// The request budget and window come from cfg.RateLimit (GenericMaxRequests
// and GenericWindow), and the limiter is given the "ratelimit:generic" key
// prefix.
//
// NOTE(review): this provider only fixes the prefix, budget and window. The
// per-user key is presumably supplied by the calling middleware; verify there
// that it is derived from a validated token and not from a client-supplied
// value.
func ProvideGenericRateLimiter(redisClient *redis.Client, cfg *config.Config, logger *zap.Logger) RateLimiter {
	return NewRateLimiter(redisClient, Config{
		KeyPrefix:   "ratelimit:generic",
		Window:      cfg.RateLimit.GenericWindow,
		MaxRequests: cfg.RateLimit.GenericMaxRequests,
	}, logger)
}
// ProvidePluginAPIRateLimiter is the dependency-injection provider for the
// rate limiter on WordPress plugin API endpoints (mitigation for CWE-770,
// allocation of resources without limits or throttling).
//
// These plugin endpoints are core business/revenue endpoints. Strategy:
// site-based limiting, where the API key is mapped to a site_id.
//
// The request budget and window come from cfg.RateLimit (PluginAPIMaxRequests
// and PluginAPIWindow), and the limiter is given the "ratelimit:plugin" key
// prefix.
//
// NOTE(review): this provider only fixes the prefix, budget and window. The
// API key to site_id mapping happens outside this file; confirm the limiter
// is keyed on the resolved site_id and not on the raw API key.
func ProvidePluginAPIRateLimiter(redisClient *redis.Client, cfg *config.Config, logger *zap.Logger) RateLimiter {
	return NewRateLimiter(redisClient, Config{
		KeyPrefix:   "ratelimit:plugin",
		Window:      cfg.RateLimit.PluginAPIWindow,
		MaxRequests: cfg.RateLimit.PluginAPIMaxRequests,
	}, logger)
}