Implement Rate Limiting (Throttling) #18 #76

Open
Delightech28 wants to merge 4 commits into NFTopia-Foundation:main from Delightech28:feat/security-rate-limiting

@Delightech28

Closes #18

  • Installed @nestjs/throttler
  • Configured global rate limit: 100 requests per minute (ttl 60s)
  • Added ThrottlerGuard globally via APP_GUARD
  • Headers X-RateLimit-Limit and X-RateLimit-Remaining are present in responses
  • Tested locally by spamming /api/v1/health endpoint → 429 Too Many Requests after limit
  • Screenshot of 429 response + headers attached (also shows remaining count decreasing)
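
The behaviour reported in the description above (a global limit of 100 requests per 60 s window, the two X-RateLimit headers, and 429 once the limit is passed), shown as an added example that is not part of this PR and not @nestjs/throttler's own code. It is a self-contained fixed-window counter; the class name, the per-client key and the sample addresses are assumptions constructed for illustration.

```typescript
// Added example: minimal fixed-window limiter (hypothetical names, not the PR's code).
type Decision = { status: 200 | 429; headers: Record<string, string> };

class FixedWindowLimiter {
  // key -> hits counted in the current window and the time that window expires
  private windows = new Map<string, { hits: number; resetAt: number }>();
  private limit: number;
  private ttlMs: number;
  private now: () => number;

  constructor(limit: number, ttlMs: number, now: () => number = () => Date.now()) {
    this.limit = limit; // 100 in the PR description
    this.ttlMs = ttlMs; // 60 s in the PR description
    this.now = now;     // injectable clock so the window can be tested
  }

  check(key: string): Decision {
    const t = this.now();
    let w = this.windows.get(key);
    if (!w || t >= w.resetAt) {
      // First request from this key, or the previous window has expired.
      w = { hits: 0, resetAt: t + this.ttlMs };
      this.windows.set(key, w);
    }
    w.hits += 1;
    const headers: Record<string, string> = {
      "X-RateLimit-Limit": String(this.limit),
      "X-RateLimit-Remaining": String(Math.max(0, this.limit - w.hits)),
    };
    return { status: w.hits > this.limit ? 429 : 200, headers };
  }
}

// Constructed scenario: one client sends 101 requests, a second client sends
// one, then the clock moves past the 60 s window.
function simulate() {
  let clock = 0;
  const limiter = new FixedWindowLimiter(100, 60_000, () => clock);
  const client = "203.0.113.7"; // constructed sample address
  const first = limiter.check(client);
  let hundredth = first;
  for (let i = 2; i <= 100; i++) hundredth = limiter.check(client);
  const overLimit = limiter.check(client);
  const otherClient = limiter.check("203.0.113.8");
  clock = 60_000;
  const afterReset = limiter.check(client);
  return { first, hundredth, overLimit, otherClient, afterReset };
}
```

Counters are kept per key, so a deployment behind a reverse proxy has to derive that key from the real client address rather than the proxy's, or every caller shares one bucket.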

@Oluwaseyi89
Contributor

@Delightech28 please, resolve the type errors and any lint errors.

@Delightech28
Author

Hi,

Thanks again for the earlier feedback about type errors and lint issues.

I ran the following locally:

  • pnpm lint --fix → no remaining lint errors
  • pnpm tsc --noEmit → no TypeScript errors
  • Re-tested rate limiting → still hits 429 after 100 requests, headers present

Everything should be clean now.

Happy to make any additional adjustments — just let me know.
Ready for re-review whenever you have time 🙏

@Oluwaseyi89
Contributor

@Delightech28 please, review the CI errors.

@Delightech28
Author

Hi @Oluwaseyi89 (or any maintainer with write access),

Thanks for the ongoing review!

I pushed an update to .github/workflows/nftopia-backend.yml to fix the "pnpm not found" error (added pnpm/action-setup@v3).

CI is now waiting for maintainer approval to run the workflow (standard security check for forks).

Could you approve the workflow run in #76/#86? Once approved, it should install dependencies, lint, type-check, and test successfully (all passed locally).

Happy to make any other adjustments!

Development

Successfully merging this pull request may close these issues.

👮 Security: Implement Rate Limiting (Throttling)