refactored throttling functions during rateLimiter setup

shalarewicz · shalarewicz · commit 91a5672ff850 · 2022-08-17T22:39:47.000-04:00
diff --git a/src/middleware/rateLimiterSetup.ts b/src/middleware/rateLimiterSetup.ts
@@ -24,6 +24,88 @@ export default function setupRateLimiter(
 ): RateLimiter {
     let rateLimiter: RateLimiter;
 
+    /**
+     * We are using a queue and event emitter to handle situations where a user has two concurrent requests being processed.
+     * The trailing request will be added to the queue to and await the prior request processing by the rate-limiter
+     * This will maintain the consistency and accuracy of the cache when under load from one user
+     */
+    // stores request IDs for each user in an array to be processed
+    const requestQueues: { [index: string]: string[] } = {};
+    // Manages processing of requests queue
+    const requestEvents = new EventEmitter();
+
+    // processes requests (by resolving  promises) that have been throttled by throttledProcess
+    async function processRequestResolver(
+        userId: string,
+        timestamp: number,
+        tokens: number,
+        processRequest: (
+            userId: string,
+            timestamp: number,
+            tokens: number
+        ) => Promise<RateLimiterResponse>,
+        resolve: (value: RateLimiterResponse | PromiseLike<RateLimiterResponse>) => void,
+        reject: (reason: unknown) => void
+    ) {
+        try {
+            const response = await processRequest(userId, timestamp, tokens);
+            requestQueues[userId] = requestQueues[userId].slice(1);
+            resolve(response);
+            // trigger the next event and delete the request queue for this user if there are no more requests to process
+            requestEvents.emit(requestQueues[userId][0]);
+            if (requestQueues[userId].length === 0) delete requestQueues[userId];
+        } catch (err) {
+            reject(err);
+        }
+    }
+
+    /**
+     * Throttle rateLimiter.processRequest based on user IP to prevent inaccurate redis reads
+     * Throttling is based on a event driven promise fulfillment approach.
+     * Each time a request is received a promise is added to the user's request queue. The promise "subscribes"
+     * to the previous request in the user's queue then calls processRequest and resolves once the previous request
+     * is complete.
+     * @param userId
+     * @param timestamp
+     * @param tokens
+     * @returns
+     */
+    async function throttledProcess(
+        processRequest: (
+            userId: string,
+            timestamp: number,
+            tokens: number
+        ) => Promise<RateLimiterResponse>,
+        userId: string,
+        timestamp: number,
+        tokens = 1
+    ): Promise<RateLimiterResponse> {
+        // Alternatively use crypto.randomUUID() to generate a random uuid
+        const requestId = `${timestamp}${tokens}`;
+
+        if (!requestQueues[userId]) {
+            requestQueues[userId] = [];
+        }
+        requestQueues[userId].push(requestId);
+
+        return new Promise((resolve, reject) => {
+            if (requestQueues[userId].length > 1) {
+                requestEvents.once(requestId, async () => {
+                    processRequestResolver(
+                        userId,
+                        timestamp,
+                        tokens,
+                        processRequest,
+                        resolve,
+                        reject
+                    );
+                });
+            } else {
+                processRequestResolver(userId, timestamp, tokens, processRequest, resolve, reject);
+            }
+        });
+    }
+
     try {
         switch (rateLimiterConfig.type) {
             case 'TOKEN_BUCKET':
@@ -65,38 +147,7 @@ export default function setupRateLimiter(
                 throw new Error('Selected rate limiting algorithm is not suppported');
         }
 
-        const processRequest = rateLimiter.processRequest.bind(rateLimiter);
-
-        /**
-         * We are using a queue and event emitter to handle situations where a user has two concurrent requests being processed.
-         * The trailing request will be added to the queue to and await the prior request processing by the rate-limiter
-         * This will maintain the consistency and accuracy of the cache when under load from one user
-         */
-        // stores request IDs for each user in an array to be processed
-        const requestQueues: { [index: string]: string[] } = {};
-        // Manages processing of requests queue
-        const requestEvents = new EventEmitter();
-
-        // processes requests (by resolving  promises) that have been throttled by throttledProcess
-        // eslint-disable-next-line no-inner-declarations
-        async function processRequestResolver(
-            userId: string,
-            timestamp: number,
-            tokens: number,
-            resolve: (value: RateLimiterResponse | PromiseLike<RateLimiterResponse>) => void,
-            reject: (reason: unknown) => void
-        ) {
-            try {
-                const response = await processRequest(userId, timestamp, tokens);
-                requestQueues[userId] = requestQueues[userId].slice(1);
-                resolve(response);
-                // trigger the next event and delete the request queue for this user if there are no more requests to process
-                requestEvents.emit(requestQueues[userId][0]);
-                if (requestQueues[userId].length === 0) delete requestQueues[userId];
-            } catch (err) {
-                reject(err);
-            }
-        }
+        const boundProcessRequest = rateLimiter.processRequest.bind(rateLimiter);
 
         /**
          * Throttle rateLimiter.processRequest based on user IP to prevent inaccurate redis reads
@@ -109,32 +160,13 @@ export default function setupRateLimiter(
          * @param tokens
          * @returns
          */
-        // eslint-disable-next-line no-inner-declarations
-        async function throttledProcess(
+        rateLimiter.processRequest = async (
             userId: string,
             timestamp: number,
             tokens = 1
-        ): Promise<RateLimiterResponse> {
-            // Alternatively use crypto.randomUUID() to generate a random uuid
-            const requestId = `${timestamp}${tokens}`;
-
-            if (!requestQueues[userId]) {
-                requestQueues[userId] = [];
-            }
-            requestQueues[userId].push(requestId);
-
-            return new Promise((resolve, reject) => {
-                if (requestQueues[userId].length > 1) {
-                    requestEvents.once(requestId, async () => {
-                        await processRequestResolver(userId, timestamp, tokens, resolve, reject);
-                    });
-                } else {
-                    processRequestResolver(userId, timestamp, tokens, resolve, reject);
-                }
-            });
-        }
+        ): Promise<RateLimiterResponse> =>
+            throttledProcess(boundProcessRequest, userId, timestamp, tokens);
 
-        rateLimiter.processRequest = throttledProcess;
         return rateLimiter;
     } catch (err) {
         throw new Error(`Error in expressGraphQLRateLimiter setting up rate-limiter: ${err}`);
