discourse/spec/jobs
Osama Sayegh b86127ad12
FEATURE: Apply rate limits per user instead of IP for trusted users (#14706)
Currently, Discourse rate limits all incoming requests by the IP address they
originate from regardless of the user making the request. This can be
frustrating if there are multiple users using Discourse simultaneously while
sharing the same IP address (e.g. employees in an office).

This commit implements a new feature to make Discourse apply rate limits by
user id rather than IP address for users at or higher than the configured trust
level (1 is the default).

For example, let's say a Discourse instance is configured to allow 200 requests
per minute per IP address, and we have 10 users at trust level 4 using
Discourse simultaneously from the same IP address. Before this feature, the 10
users could only make a total of 200 requests per minute before they got rate
limited. But with the new feature, each user is allowed to make 200 requests
per minute because the rate limits are applied on user id rather than the IP
address.

The minimum trust level for applying user-id-based rate limits can be
configured by the `skip_per_ip_rate_limit_trust_level` global setting. The
default is 1, but it can be changed by either adding the
`DISCOURSE_SKIP_PER_IP_RATE_LIMIT_TRUST_LEVEL` environment variable with the
desired value to your `app.yml`, or changing the setting's value in the
`discourse.conf` file.

Requests made with API keys are still rate limited by IP address and the
relevant global settings that control API keys rate limits.

Before this commit, Discourse's auth cookie (`_t`) was simply a 32-character
string that Discourse used to look up the current user from the database and the
cookie contained no additional information about the user. However, we had to
change the cookie content in this commit so we could identify the user from the
cookie without making a database query before the rate limits logic and avoid
introducing a bottleneck on busy sites.

Besides the 32-character auth token, the cookie now includes the user id,
trust level and the cookie's generation date, and we encrypt/sign the cookie to
prevent tampering.

Internal ticket number: t54739.
2021-11-17 23:27:30 +03:00
..
regular FIX: Drop malformed CC addresses in GroupSmtpEmail job (#14934) 2021-11-16 08:15:11 +10:00
about_stats_spec.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
activation_reminder_emails_spec.rb
auto_expire_user_api_keys_spec.rb DEV: Improve flaky time-sensitive specs (#9141) 2020-03-10 22:13:17 +01:00
auto_queue_handler_spec.rb DEV: Remove stray code that has been commented out. 2020-07-29 09:58:29 +08:00
automatic_group_membership_spec.rb DEV: Ensure DiscourseEvent handlers cleaned up during specs (#11205) 2020-11-11 19:46:13 +00:00
bookmark_reminder_notifications_spec.rb FIX: When user has already hit bookmark limit, do not error for clear_reminder! or other updates (#12658) 2021-04-09 13:06:35 +10:00
bulk_grant_trust_level_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
bulk_invite_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
bump_topic_spec.rb
clean_dismissed_topic_users_spec.rb FIX: Dismiss new with better migration (#12062) 2021-02-15 08:50:33 +11:00
clean_up_associated_accounts_spec.rb
clean_up_crawler_stats_spec.rb
clean_up_email_change_requests_spec.rb DEV: Periodically delete old email change requests (#13054) 2021-05-14 10:34:56 +03:00
clean_up_email_logs_spec.rb
clean_up_inactive_users_spec.rb
clean_up_post_reply_keys_spec.rb
clean_up_unused_staged_users_spec.rb FEATURE: Add site setting to disable staged user cleanup 2020-03-09 10:26:41 +01:00
clean_up_uploads_spec.rb DEV: use upload id to save in theme setting instead of URL. (#14341) 2021-09-16 07:58:53 +05:30
clean_up_user_export_topics_spec.rb FIX: delete system generated message when user_export record is deleted (#7595) 2019-05-28 16:38:41 +05:30
cleanup_imap_sync_log_spec.rb DEV: IMAP debugging improvements (#11784) 2021-01-21 11:37:47 +10:00
close_topic_spec.rb FEATURE: Topic timer UI revamp (#11912) 2021-02-03 10:13:32 +10:00
correct_missing_dualstack_urls_spec.rb DEV: Clean up S3 specs, stubs, and helpers 2020-09-28 12:02:25 +01:00
crawl_topic_link_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
create_linked_topic_spec.rb FIX: when creating linked topics make sure they belong to same category (#11188) 2020-11-11 00:44:27 +05:30
create_missing_avatars_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
create_recent_post_search_indexes_spec.rb PERF: Create a partial regular post_search_data index on large sites. 2020-08-27 13:42:00 +08:00
create_user_reviewable_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
dashboard_stats_spec.rb FEATURE: remove duplicated messages about new advices (#14319) 2021-09-15 08:59:25 +10:00
delete_replies_spec.rb FEATURE: Allow durations < 1 hour and < 1 day for topic timers where duration is specified (auto delete replies, close based on last post) (#11961) 2021-02-05 10:12:56 +10:00
delete_topic_spec.rb
disable_bootstrap_mode_spec.rb
download_avatar_from_url_spec.rb
download_backup_email_spec.rb
download_profile_background_from_url_spec.rb
emit_web_hook_event_spec.rb FEATURE: add support for like webhooks (#12917) 2021-04-30 17:08:38 -07:00
enable_bootstrap_mode_spec.rb
enqueue_digest_emails_spec.rb PERF: Do not enqueue digest emails when attempted recently (#10849) 2020-10-07 15:30:38 +01:00
enqueue_suspect_users_spec.rb FIX: Reduce the time_read threshold to one minute. (#12159) 2021-02-20 08:25:32 -03:00
ensure_s3_uploads_existence_spec.rb DEV: Clean up S3 specs, stubs, and helpers 2020-09-28 12:02:25 +01:00
export_csv_file_spec.rb FEATURE: Rename 'Discourse SSO' to DiscourseConnect (#11978) 2021-02-08 10:04:33 +00:00
export_user_archive_spec.rb FEATURE: Apply rate limits per user instead of IP for trusted users (#14706) 2021-11-17 23:27:30 +03:00
feature_topic_users_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
fix_out_of_sync_user_uploaded_avatar_spec.rb
fix_primary_emails_for_staged_users_spec.rb
fix_s3_etags_spec.rb
fix_user_usernames_and_groups_names_clash_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
grant_anniversary_badges_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
grant_new_user_of_the_month_badges_spec.rb FIX: Don't award new user of the month in the wrong month 2020-07-13 15:05:30 -04:00
heartbeat_spec.rb DEV: Replace `Time.new` with `Time.now` (#9142) 2020-03-09 17:37:49 +01:00
ignored_users_summary_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
invalidate_inactive_admins_spec.rb DEV: Migrate Github authentication to ManagedAuthenticator (#11170) 2020-11-10 10:09:15 +00:00
invite_email_spec.rb FIX: Correctly use invite to topic email templates (#12411) 2021-03-16 17:08:54 +02:00
jobs_base_spec.rb DEV: Run jobs sequentially in test mode (#9897) 2020-05-28 12:52:27 +01:00
jobs_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
mass_award_badge_spec.rb FEATURE: Add option to grant badge multiple times to users using Bulk Award (#13571) 2021-07-15 05:53:26 +03:00
migrate_badge_image_to_uploads_spec.rb UX: Add image uploader widget for uploading badge images (#12377) 2021-03-17 08:55:23 +03:00
migrate_group_flair_images_spec.rb FIX: Group#flair_url must be a real URL (#11400) 2020-12-07 13:35:41 +02:00
notify_mailing_list_subscribers_spec.rb FIX: Do not send emails to mailing_list_mode subscribers for PMs (#14159) 2021-08-26 15:16:35 +10:00
notify_moved_posts_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
notify_reviewable_spec.rb FIX: sync reviewable count when opening the hamburger menu (#10368) 2020-08-07 18:13:02 +02:00
notify_tag_change_spec.rb FIX: do not notify when the hidden tag is added or removed (#12025) 2021-02-11 10:03:45 +11:00
old_keys_reminder_spec.rb DEV: remove instagram login site settings and auth classes. (#11073) 2020-10-30 09:09:56 +05:30
open_topic_spec.rb FEATURE: Topic timer UI revamp (#11912) 2021-02-03 10:13:32 +10:00
pending_queued_posts_reminder_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
pending_reviewables_reminder_spec.rb
pending_users_reminder_spec.rb FEATURE: Staff can receive pending user reminders more frequently. (#13422) 2021-06-24 10:02:56 -03:00
periodical_updates_spec.rb DEV: Improve flaky time-sensitive specs (#9141) 2020-03-10 22:13:17 +01:00
poll_mailbox_spec.rb FIX: POP3 polling shouldn't stop after exception or old email (#12742) 2021-04-19 10:27:29 +02:00
post_update_topic_tracking_state_spec.rb FIX: Check if post.topic exists before publishing topic updates (#11900) 2021-02-09 16:41:22 +11:00
post_uploads_recovery_spec.rb
process_bulk_invite_emails_spec.rb FEATURE: send max 200 emails every minute for bulk invites (#7875) 2019-07-19 11:29:12 +05:30
process_email_spec.rb DEV: Add created_via column to IncomingEmail (#11751) 2021-01-20 13:22:41 +10:00
process_post_spec.rb FIX: remove 'crawl_images' site setting (#14646) 2021-10-19 17:12:29 +05:30
process_shelved_notifications_spec.rb DEV: Replace 'processed' column on notifications with new table (#11864) 2021-01-27 10:29:24 -06:00
publish_topic_to_category_spec.rb FIX: Auto close topic from category settings based on topic created_at (#12082) 2021-02-17 07:51:39 +10:00
pull_hotlinked_images_spec.rb FIX: remove 'crawl_images' site setting (#14646) 2021-10-19 17:12:29 +05:30
pull_user_profile_hotlinked_images_spec.rb FEATURE: Pull hotlinked images in user bios (#14726) 2021-10-29 17:58:05 +03:00
purge_expired_ignored_users_spec.rb DEV: Cleanup ignored user logic (#11107) 2020-11-03 12:38:54 +00:00
rebake_custom_emoji_posts_spec.rb
reindex_search_spec.rb FIX: reindex_search job should work on model with no search data (#11819) 2021-01-25 11:23:36 +01:00
remove_banner_spec.rb DEV: adds support for bannered until (#13417) 2021-06-24 11:35:36 +02:00
reviewable_priorities_spec.rb FIX: Use a better default for the low_priority_threshold setting. (#13161) 2021-05-26 13:16:16 -03:00
send_system_message_spec.rb
suspicious_login_spec.rb
sync_topic_user_bookmarked_spec.rb DEV: Ignore bookmarks.topic_id column and remove references to it in code (#14289) 2021-09-15 10:16:54 +10:00
tl3_promotions_spec.rb PERF: Dematerialize topic_reply_count (#9769) 2020-05-14 15:42:00 -07:00
toggle_topic_closed_spec.rb FIX: Clean up toggle closed topic timer when user is not authorized. 2020-08-26 12:59:05 +08:00
topic_timer_enqueuer_spec.rb FIX: Do not prevent other topic timers running on error (#13665) 2021-07-08 12:49:58 +10:00
truncate_user_flag_stats_spec.rb DEV: Improve flaky time-sensitive specs (#9141) 2020-03-10 22:13:17 +01:00
unsilence_users_spec.rb
update_animated_uploads_spec.rb FIX: Ensure old uploads can have animated field updated (#10963) 2020-10-20 19:11:43 +03:00
update_gravatar_spec.rb FIX: Gravatar download attempt if user is missing their email 2020-09-02 20:19:46 -06:00
update_s3_inventory_spec.rb DEV: Clean up S3 specs, stubs, and helpers 2020-09-28 12:02:25 +01:00
update_username_spec.rb FIX: Don't raise error in update username job if user has been deleted. 2020-09-02 11:17:17 +08:00
user_email_spec.rb DEV: Commit failing test for email substitution bug 2021-07-08 15:56:09 -07:00