feat: add rate limit to join codes controller
This commit is contained in:
@@ -1,5 +1,6 @@
|
||||
class JoinCodesController < ApplicationController
|
||||
allow_unauthenticated_access
|
||||
rate_limit to: 10, within: 3.minutes, only: :create, with: -> { head :too_many_requests }
|
||||
|
||||
before_action :set_join_code
|
||||
before_action :ensure_join_code_is_valid
|
||||
|
||||
@@ -94,4 +94,12 @@ class JoinCodesControllerTest < ActionDispatch::IntegrationTest
|
||||
assert_response :unprocessable_entity
|
||||
end
|
||||
end
|
||||
|
||||
test "create is rate limited" do
|
||||
Rails.cache.stubs(:increment).returns(11)
|
||||
|
||||
post join_path(code: @join_code.code, script_name: @account.slug), params: { email_address: "test@example.com" }
|
||||
|
||||
assert_response :too_many_requests
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user