From 87eb55e5f7e5100e63caf7f789299ee7b7c07c6f Mon Sep 17 00:00:00 2001
From: Thomas Bonnin <233326+TBonnin@users.noreply.github.com>
Date: Fri, 1 Mar 2024 11:11:44 +0100
Subject: [PATCH 1/2] Enable server rate limit
---
 packages/server/lib/controllers/ratelimit.middleware.ts | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/packages/server/lib/controllers/ratelimit.middleware.ts b/packages/server/lib/controllers/ratelimit.middleware.ts
index 9b27d10c5b..cf72720c1b 100644
--- a/packages/server/lib/controllers/ratelimit.middleware.ts
+++ b/packages/server/lib/controllers/ratelimit.middleware.ts
@@ -7,7 +7,7 @@ import { getAccount, getRedisUrl, logger } from '@nangohq/shared';
 const rateLimiter = await (async () => {
 const opts = {
 keyPrefix: 'middleware',
- points: 1200,
+ points: parseInt(process.env['DEFAULT_RATE_LIMIT_PER_MIN'] || '0') || 1200,
 duration: 60,
 blockDuration: 0
 };
@@ -44,9 +44,7 @@ export const rateLimiterMiddleware = (req: Request, res: Response, next: NextFun
 res.setHeader('Retry-After', Math.floor(rateLimiterRes.msBeforeNext / 1000));
 setXRateLimitHeaders(rateLimiterRes);
 logger.info(`Rate limit exceeded for ${key}. Request: ${req.method} ${req.path})`);
- next();
- // TODO:
- // res.status(429).send('Too Many Requests');
+ res.status(429).send('Too Many Requests');
 });
 };

From 7b4cab2e71aafd41310f52d795435793338d8a99 Mon Sep 17 00:00:00 2001
From: Thomas Bonnin <233326+TBonnin@users.noreply.github.com>
Date: Fri, 22 Mar 2024 13:49:58 -0400
Subject: [PATCH 2/2] default rate limit to 2400 reqs/min
---
 packages/server/lib/controllers/ratelimit.middleware.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/packages/server/lib/controllers/ratelimit.middleware.ts b/packages/server/lib/controllers/ratelimit.middleware.ts
index cf72720c1b..a9d9cfe251 100644
--- a/packages/server/lib/controllers/ratelimit.middleware.ts
+++ b/packages/server/lib/controllers/ratelimit.middleware.ts
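Review bot: The new `points` expression takes whatever `parseInt` makes of `DEFAULT_RATE_LIMIT_PER_MIN` as long as it is non-zero, so a negative number or a value with a numeric prefix such as `100abc` (constructed example) silently becomes the limit; only unset, empty, `0` and non-numeric values reach the fallback. A negative limit would presumably reject every request, and a very large one effectively switches the limiter off, with nothing logged in either case. I would parse with an explicit radix ahead of `opts` and accept only positive integers: `const envLimit = Number.parseInt(process.env['DEFAULT_RATE_LIMIT_PER_MIN'] ?? '', 10);` then `points: Number.isInteger(envLimit) && envLimit > 0 ? envLimit : 1200,`. A short comment stating the unit (points per 60-second `duration`) and a startup log of the effective value would also help operators. The second patch in this series only changes the fallback to 2400 and keeps the same expression, so the same point applies to its hunk.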
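Review bot: Replacing `next()` with `res.status(429)` makes this callback fail closed for every rejection it receives, not only for an exhausted quota. The call that feeds the callback is outside the hunk, but the import context suggests a Redis-backed limiter; if it can also reject with a plain `Error` when the store is unreachable, `rateLimiterRes.msBeforeNext` is undefined in that case, `Retry-After` is computed from `NaN`, and all traffic gets 429 for the length of the outage. I would handle that case explicitly before the header code, for example `if (rateLimiterRes instanceof Error) { logger.error('Rate limiter error: ' + rateLimiterRes.message); next(); return; }`, or answer with 503 there if failing closed is the intended policy. Either way the choice deserves a one-line comment, since the previous code let such requests through.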
@@ -7,7 +7,7 @@ import { getAccount, getRedisUrl, logger } from '@nangohq/shared';
 const rateLimiter = await (async () => {
 const opts = {
 keyPrefix: 'middleware',
- points: parseInt(process.env['DEFAULT_RATE_LIMIT_PER_MIN'] || '0') || 1200,
+ points: parseInt(process.env['DEFAULT_RATE_LIMIT_PER_MIN'] || '0') || 2400,
 duration: 60,
 blockDuration: 0
 };