1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Plugs.RateLimiterTest do
6 use ExUnit.Case, async: true
9 alias Pleroma.Plugs.RateLimiter
11 import Pleroma.Factory
13 @limiter_name :testing
16 Pleroma.Config.put([:rate_limit, @limiter_name], {1, 1})
18 assert {@limiter_name, {1, 1}} == RateLimiter.init(@limiter_name)
19 assert nil == RateLimiter.init(:foo)
23 assert "127.0.0.1" == RateLimiter.ip(%{remote_ip: {127, 0, 0, 1}})
26 test "it restricts by opts" do
30 Pleroma.Config.put([:rate_limit, @limiter_name], {scale, limit})
32 opts = RateLimiter.init(@limiter_name)
33 conn = conn(:get, "/")
34 bucket_name = "#{@limiter_name}:#{RateLimiter.ip(conn)}"
36 conn = RateLimiter.call(conn, opts)
37 assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
39 conn = RateLimiter.call(conn, opts)
40 assert {2, 3, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
42 conn = RateLimiter.call(conn, opts)
43 assert {3, 2, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
45 conn = RateLimiter.call(conn, opts)
46 assert {4, 1, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
48 conn = RateLimiter.call(conn, opts)
49 assert {5, 0, to_reset, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
51 conn = RateLimiter.call(conn, opts)
53 assert %{"error" => "Throttled"} = Phoenix.ConnTest.json_response(conn, :too_many_requests)
56 Process.sleep(to_reset)
58 conn = conn(:get, "/")
60 conn = RateLimiter.call(conn, opts)
61 assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
63 refute conn.status == Plug.Conn.Status.code(:too_many_requests)
68 test "optional limits for authenticated users" do
69 Ecto.Adapters.SQL.Sandbox.checkout(Pleroma.Repo)
73 Pleroma.Config.put([:rate_limit, @limiter_name], [{1, 10}, {scale, limit}])
75 opts = RateLimiter.init(@limiter_name)
78 conn = conn(:get, "/") |> assign(:user, user)
79 bucket_name = "#{@limiter_name}:#{user.id}"
81 conn = RateLimiter.call(conn, opts)
82 assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
84 conn = RateLimiter.call(conn, opts)
85 assert {2, 3, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
87 conn = RateLimiter.call(conn, opts)
88 assert {3, 2, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
90 conn = RateLimiter.call(conn, opts)
91 assert {4, 1, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
93 conn = RateLimiter.call(conn, opts)
94 assert {5, 0, to_reset, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
96 conn = RateLimiter.call(conn, opts)
98 assert %{"error" => "Throttled"} = Phoenix.ConnTest.json_response(conn, :too_many_requests)
101 Process.sleep(to_reset)
103 conn = conn(:get, "/") |> assign(:user, user)
105 conn = RateLimiter.call(conn, opts)
106 assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
108 refute conn.status == Plug.Conn.Status.code(:too_many_requests)
109 refute conn.resp_body