fix: Purge old rate-limits

geokrety · Oct 8, 2023 · 61ab1d3 · 61ab1d3
1 parent eea0e48
commit 61ab1d3
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 0 deletions.
diff --git a/website/app/GeoKrety/Controller/Cli/Cron.php b/website/app/GeoKrety/Controller/Cli/Cron.php
@@ -9,6 +9,7 @@
 use GeoKrety\Model\Scripts;
 use GeoKrety\Model\User;
 use GeoKrety\Model\UsersAuthenticationHistory;
+use GeoKrety\Service\RateLimit;
 use GeoKrety\Session;
 
 class Cron {
@@ -80,4 +81,10 @@ public function expungeUserAuthenticationHistory() {
         $audit->expungeOld();
         $this->script_end();
     }
+
+    public function purgeRateLimitFull() {
+        $this->script_start(__METHOD__);
+        RateLimit::purge();
+        $this->script_end();
+    }
 }
diff --git a/website/app/GeoKrety/Service/RateLimit.php b/website/app/GeoKrety/Service/RateLimit.php
@@ -185,4 +185,29 @@ public static function resetAll() {
             $redis->del($key);
         }
     }
+
+    /**
+     * @throws \GeoKrety\Service\StorageException
+     */
+    public static function purge(): array {
+        $query = '*';
+        /** @var \GeoKrety\Service\Redis $redis */
+        $redis = Redis::instance();
+        $redis->ensureOpenConnection();
+        $allKeys = $redis->keys(sprintf('%s__%s', self::RATE_KEY, $query));
+        $response = [];
+        foreach ($allKeys as $key) {
+            if (preg_match('/^'.self::RATE_KEY.'__(.*)__:(.*):allow$/', $key, $matches) === 0) {
+                continue;
+            }
+            $adapter = new RedisAdapter($redis->getRedis());
+            $key = self::RATE_KEY."__{$matches[1]}__";
+            $rateLimit = new RateLimiter($key, GK_RATE_LIMITS[$matches[1]][0], GK_RATE_LIMITS[$matches[1]][1], $adapter);
+            if (GK_RATE_LIMITS[$matches[1]][0] <= $rateLimit->getAllowance($matches[2])) {
+                $rateLimit->purge($matches[2]);
+            }
+        }
+
+        return $response;
+    }
 }
diff --git a/website/app/cli.ini b/website/app/cli.ini
@@ -18,6 +18,7 @@ GET /cli/basex/exportBasic [cli] = \GeoKrety\Controller\Cli\BaseX->exportBasic
 GET /cli/basex/exportDetails [cli] = \GeoKrety\Controller\Cli\BaseX->exportDetails
 
 GET /cli/user/email-activation-token/prune [cli] = \GeoKrety\Controller\Cli\EmailActivationToken->prune
+GET /cli/rate-limit/purge [cli] = \GeoKrety\Controller\Cli\Cron->purgeRateLimitFull
 
 GET /cli/user/account-activation-token/renotifyUnactivatedAccounts/@days [cli] = \GeoKrety\Controller\Cli\AccountActivationToken->renotifyUnactivatedAccounts
 GET /cli/user/account-activation-token/deleteNeverActivatedAccounts [cli] = \GeoKrety\Controller\Cli\AccountActivationToken->deleteNeverActivatedAccounts

diff --git a/website/app/cron.ini b/website/app/cron.ini
@@ -13,6 +13,7 @@ binary = /usr/local/bin/php
 CleanSessions = \GeoKrety\Controller\Cli\Cron->cleanExpiredSessions, * * * * *
 DatabaseMetricsUpdate = GeoKrety\Controller\Metrics->database_counts, * * * * *
 CheckLockedScripts = GeoKrety\Controller\Cli\Cron->checkLockedScripts, * * * * *
+PurgeRateLimitFull = \GeoKrety\Controller\Cli\Cron->purgeRateLimitFull, * * * * *
 refreshMaterializedView = GeoKrety\Controller\Cli\Cron->refreshMaterializedView, */5 * * * *
 expungeAuditLogs = \GeoKrety\Controller\Cli\Cron->expungeAuditLogs, 15 7 * * *
 expungeAuditPosts = \GeoKrety\Controller\Cli\Cron->expungeAuditPosts, 20 7 * * *