From e3151ac3ba110117203f98c1c218510ec5eb522b Mon Sep 17 00:00:00 2001
From: Shubham Gupta
Date: Thu, 23 Oct 2025 23:50:25 +0530
Subject: [PATCH] Fix rate limiting bugs: exempt health check and improve history filtering
- Add /core/health/ to rate limit middleware exempt paths
- Fix get_rate_limit_status history filtering to prevent overcounting
- Standardize upgrade URL to /core/plans/ across throttling responses
---
 core/middleware/rate_limit.py | 2 +-
 core/throttling.py | 7 +++----
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/core/middleware/rate_limit.py b/core/middleware/rate_limit.py
index 828d595..9c1872f 100644
--- a/core/middleware/rate_limit.py
+++ b/core/middleware/rate_limit.py
@@ -25,7 +25,7 @@ def __init__(self, get_response):
 def __call__(self, request):
 # Skip rate limiting for certain paths
- exempt_paths = ['/admin/', '/static/', '/media/', '/health/']
+ exempt_paths = ['/admin/', '/static/', '/media/', '/health/', '/core/health/']
 if any(request.path.startswith(path) for path in exempt_paths):
 return self.get_response(request)
diff --git a/core/throttling.py b/core/throttling.py
index 370b163..68f2af5 100644
--- a/core/throttling.py
+++ b/core/throttling.py
@@ -110,7 +110,7 @@ def throttle_failure(self):
 'message': 'Too many requests. Please try again later.',
 'upgrade_suggestion': {
 'recommended_plan': recommended_plan,
- 'upgrade_url': '/plans/'
+ 'upgrade_url': '/core/plans/'
 } if recommended_plan else None
 })
@@ -261,10 +261,9 @@ def __init__(self, user):
 cache_key = throttle.get_cache_key(mock_request, None)
 history = cache.get(cache_key, [])
- # Filter to requests within the current window
+ # Filter to requests within the current window (oldest entries removed)
 now = throttle.timer()
- while history and history[-1] <= now - duration:
- history.pop()
+ history = [t for t in history if t > now - duration]
 used = len(history)
 remaining = max(0, num_requests - used)
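Review bot: The exempt list in `__call__` is matched with `startswith`, so the new `'/core/health/'` entry exempts every route under that prefix rather than the health check alone, and `'/admin/'` on the same line keeps the admin login outside this middleware's limits. If only the endpoint itself should bypass throttling, match it exactly and keep prefix matching for the asset paths, e.g. `if request.path == '/core/health/' or request.path.startswith(EXEMPT_PREFIXES):` with `EXEMPT_PREFIXES` a module-level tuple (a name constructed for this note), which also avoids rebuilding the list on each request. Whether admin login attempts are throttled elsewhere is not visible in this hunk and is worth confirming. The body of `__call__` continues past the end of the hunk.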
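Review bot: The upgrade URL in `throttle_failure` is still a string literal, which is how it drifted from the other throttling responses that the commit message says it is being aligned with. A single module-level constant such as `UPGRADE_URL = '/core/plans/'` (name constructed for this note), referenced here as `'upgrade_url': UPGRADE_URL`, or a `reverse()` lookup on the plans route, would keep every response in step if the path moves again. The enclosing function starts before the hunk, so the other uses are not visible here.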
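Review bot: The added comment "(oldest entries removed)" describes the old tail-popping loop rather than the comprehension, which keeps every timestamp newer than the window start regardless of order, and `now - duration` is recomputed for each entry. I would hoist it as `cutoff = now - duration` and write `history = [t for t in history if t > cutoff]`, with the comment `# Keep only timestamps inside the current window; does not assume history is ordered`. If the enforcing throttle still trims from the tail of the list, the reported `used`/`remaining` can disagree with what is actually enforced when the cached history is not sorted; that code is outside this hunk, so this is worth a test with an unordered history. The enclosing function begins and ends outside the hunk.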