feat: add rate limit to join codes controller
This commit is contained in:
@@ -1,5 +1,6 @@
|
|||||||
class JoinCodesController < ApplicationController
|
class JoinCodesController < ApplicationController
|
||||||
allow_unauthenticated_access
|
allow_unauthenticated_access
|
||||||
|
rate_limit to: 10, within: 3.minutes, only: :create, with: -> { head :too_many_requests }
|
||||||
|
|
||||||
before_action :set_join_code
|
before_action :set_join_code
|
||||||
before_action :ensure_join_code_is_valid
|
before_action :ensure_join_code_is_valid
|
||||||
|
|||||||
@@ -94,4 +94,12 @@ class JoinCodesControllerTest < ActionDispatch::IntegrationTest
|
|||||||
assert_response :unprocessable_entity
|
assert_response :unprocessable_entity
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "create is rate limited" do
|
||||||
|
Rails.cache.stubs(:increment).returns(11)
|
||||||
|
|
||||||
|
post join_path(code: @join_code.code, script_name: @account.slug), params: { email_address: "test@example.com" }
|
||||||
|
|
||||||
|
assert_response :too_many_requests
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
Reference in New Issue
Block a user