tRPCttRPC
Powered by
rustclanR
tRPC•3y ago•
2 replies
rustclan

trpc rate limiting

hi

I am currently having some problems with a race condition in my TRPC nextJS api.

Essentially what is happening is I have a 
enforceGuildPermissions
enforceGuildPermissions
 method, which basically checks if the user who is making the request has permission to get the data for that guild.

The data is stored in my Redis cache for 3 seconds. This works okay sometimes, but other times because there is 3-4 different trpc requests running for a single page which are guild, role and channel. It causes the last request (channel) to get rate limited by the discord API because they are all running concurrently, this means it doesn't give my caching code chance to update it before the next one runs.

const enforceGuildPermissions = enforceUserLoggedIn.unstable_pipe(
  async ({ ctx, next, rawInput }) => {
    const guildId: unknown = (rawInput as { guildId?: unknown })?.guildId;
    if (!guildId) throw new TRPCError({ code: 'BAD_REQUEST' });

    const webUser = await cache.webUsers.get(ctx.session.user.id);
    let guilds = webUser?.guilds;
    if (!guilds) {
      guilds = await getUserGuilds(ctx.session)

    }

    if (!guilds) throw new TRPCError({ code: 'UNAUTHORIZED' });
    const foundGuild = guilds.find((guild) => guild.id === guildId);
    if (!foundGuild) throw new TRPCError({ code: 'UNAUTHORIZED' });

    return next({
      ctx: {
        session: { ...ctx.session, user: ctx.session.user },
      },
    });
  }
);

export const guildProcedure = t.procedure.use(enforceGuildPermissions);
const enforceGuildPermissions = enforceUserLoggedIn.unstable_pipe(
  async ({ ctx, next, rawInput }) => {
    const guildId: unknown = (rawInput as { guildId?: unknown })?.guildId;
    if (!guildId) throw new TRPCError({ code: 'BAD_REQUEST' });

    const webUser = await cache.webUsers.get(ctx.session.user.id);
    let guilds = webUser?.guilds;
    if (!guilds) {
      guilds = await getUserGuilds(ctx.session)

    }

    if (!guilds) throw new TRPCError({ code: 'UNAUTHORIZED' });
    const foundGuild = guilds.find((guild) => guild.id === guildId);
    if (!foundGuild) throw new TRPCError({ code: 'UNAUTHORIZED' });

    return next({
      ctx: {
        session: { ...ctx.session, user: ctx.session.user },
      },
    });
  }
);

export const guildProcedure = t.procedure.use(enforceGuildPermissions);

export const getUserGuilds = async (
  session: Session
): Promise<CachedUserGuild[] | null> => {
  if (!session.user.accessToken || !session.user.id) return null;

  const webUser = await cache.webUsers.get(session.user.id);
  if (webUser) return webUser.guilds;

  const response = await fetch(discord...)
  const guilds = await response.json();
  if (!response.ok || guilds.length <= 0) return null;

  await cache.webUsers.create(session.user.id, guilds);

  return guilds;
};
export const getUserGuilds = async (
  session: Session
): Promise<CachedUserGuild[] | null> => {
  if (!session.user.accessToken || !session.user.id) return null;

  const webUser = await cache.webUsers.get(session.user.id);
  if (webUser) return webUser.guilds;

  const response = await fetch(discord...)
  const guilds = await response.json();
  if (!response.ok || guilds.length <= 0) return null;

  await cache.webUsers.create(session.user.id, guilds);

  return guilds;
};
tRPCJoin
Move Fast & Break Nothing. End-to-end typesafe APIs made easy.
5,015Members
Resources
Recent Announcements

Similar Threads

Was this page helpful?

Similar Threads

rate limiting with @fastify/rate-limit
theMostCuriousHomunculusTtheMostCuriousHomunculus / ❓-help
2y ago
Rate limit in TRPC and NextJS?
arashi-devAarashi-dev / ❓-help
3y ago
how to rate limit in trpc express/nodejs server (not nextjs)
test_1Ttest_1 / ❓-help
3y ago