Added whitelisted paths for rateLimit - Bump Deno runtime to 1.45.4

.github/workflows/master.yml

@@ -18,10 +18,10 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Setup Deno v1.44.4
+      - name: Setup Deno v1.45.4
         uses: denoland/setup-deno@v1
         with:
-          deno-version: v1.44.4
+          deno-version: v1.45.4
 
       - name: Setup LCOV        
         run: sudo apt install -y lcov

Dockerfile

@@ -1,4 +1,4 @@
-FROM denoland/deno:alpine-1.43.6
+FROM denoland/deno:alpine-1.45.4
 
 ENV APP_HOME=/home/app
 WORKDIR $APP_HOME

deno.jsonc

@@ -14,5 +14,6 @@
     "clean": "rm -rf ./npm ./coverage",
     "cover": "deno task clean && deno task test && deno task lcov && genhtml -o coverage/html coverage/report.lcov"
   },
-  "lock": false
+  "lock": false,
+  "exports": "./src/index.ts"
 }

src/app.ts

@@ -13,12 +13,13 @@ import { getEnv } from './utils.ts';
 const app = new Application();
 const rateLimit = new RateLimit();
 const helmet = new Helmet();
+const whitelist = ['/api/check', '/swagger.json'];
 
 app.use(helmet.middleware());
 app.use(rateLimit.middleware({
   limit: Number(getEnv('APP_RATE_LIMIT', '1000')),
   windowMs: Number(getEnv('APP_RATE_LIMIT_WINDOW', '60000')),
-}));
+}, whitelist));
 
 app.use(responseTimeLog);
 app.use(responseTime);

src/dto/mapper.ts

@@ -1,7 +1,7 @@
-import { Context, Output } from '../deps.ts';
+import type { Context, Output } from '../deps.ts';
 import { getBooleanParam, getParam } from '../utils.ts';
-import { SearchDocsQueryParams, SearchDocsRequestDto } from './request.ts';
-import { SearchDocsResponseDto } from './response.ts';
+import { SearchDocsQueryParams, type SearchDocsRequestDto } from './request.ts';
+import type { SearchDocsResponseDto } from './response.ts';
 
 export function toSearchDocsResponseDto(output: Output[]): SearchDocsResponseDto {
   return {

src/middleware/helmet.ts

@@ -1,4 +1,4 @@
-import { Context, Middleware, Next } from '../deps.ts';
+import type { Context, Middleware, Next } from '../deps.ts';
 
 const SERVER = 'Deno';
 const ACCESS_CONTROL_ALLOW_ORIGIN = '*';

src/middleware/index.ts

@@ -1,4 +1,4 @@
-import { bold, Context, cyan, green, Next } from '../deps.ts';
+import { bold, type Context, cyan, green, type Next } from '../deps.ts';
 import { logger } from '../utils.ts';
 
 export const responseTime = async (context: Context, next: Next) => {

src/middleware/rate-limit.ts

@@ -1,4 +1,4 @@
-import { Context, Middleware, Next } from '../deps.ts';
+import type { Context, Middleware, Next } from '../deps.ts';
 import { responseError } from '../utils.ts';
 
 class RequestStore {
@@ -31,13 +31,18 @@ export default class RateLimit {
     this.map = new Map();
   }
 
-  public middleware(params: RateLimitParams): Middleware {
+  public middleware(params: RateLimitParams, whitelist?: string[]): Middleware {
     const { limit, windowMs } = params;
 
     return async (context: Context, next: Next) => {
       const ip = context.request.ip;
+      const path = context.request.url.pathname;
       const timestamp = Date.now();
 
+      if (whitelist?.includes(path)) {
+        return await next();
+      }
+
       if (!this.map.has(ip)) {
         this.updateRate(context, limit, limit - 1, windowMs, ip, 1, timestamp);
         return await next();

src/routes/api-docs.ts

@@ -1,4 +1,4 @@
-import { Context, Router } from '../deps.ts';
+import { type Context, Router } from '../deps.ts';
 import swaggerDocument from '../api-docs/swagger-document.ts';
 
 const router = new Router();

src/routes/api.ts

@@ -1,4 +1,4 @@
-import { Context, Router } from '../deps.ts';
+import { type Context, Router } from '../deps.ts';
 import { getEnv } from '../utils.ts';
 
 const router = new Router();

src/routes/searchdocs.ts

@@ -1,4 +1,4 @@
-import { Context, Router, ValidatorFn, ValidatorMiddleware } from '../deps.ts';
+import { type Context, Router, ValidatorFn, ValidatorMiddleware } from '../deps.ts';
 import { toSearchDocsRequestDto, toSearchDocsResponseDto } from '../dto/mapper.ts';
 import { getEnv, responseError, responseSuccess } from '../utils.ts';
 import SearchDocsService from '../services/searchdocs.ts';

src/utils.ts

@@ -1,5 +1,5 @@
-import { bold, Context } from './deps.ts';
-import { ResponseDto } from './dto/response.ts';
+import { bold, type Context } from './deps.ts';
+import type { ResponseDto } from './dto/response.ts';
 
 const Level = Object.freeze({
   INFO: 0,
@@ -47,7 +47,7 @@ export function logger(level: string, component: string, content: string | objec
 
 export function getParam(params: URLSearchParams, key: string, or: string | number) {
   if (params.has(key)) {
-    return params.get(key)?.trim()!;
+    return params.get(key)?.trim();
   }
 
   return or;

test/middleware/helmet.test.ts

@@ -1,5 +1,5 @@
 import Helmet from '../../src/middleware/helmet.ts';
-import { Context, Next } from '../../src/deps.ts';
+import type { Context, Next } from '../../src/deps.ts';
 import { assertEquals } from '../deps.ts';
 
 const newRequest = () => {

test/middleware/rate-limit.test.ts

@@ -1,11 +1,12 @@
 import RateLimit from '../../src/middleware/rate-limit.ts';
-import { Context, Next } from '../../src/deps.ts';
+import type { Context, Next } from '../../src/deps.ts';
 import { assertEquals } from '../deps.ts';
 
 const newRequest = () => {
   return {
     request: {
       ip: 'localhost',
+      url: new URL('http://localhost/api/check'),
     },
     response: {
       status: 0,
@@ -41,6 +42,29 @@ Deno.test({
   },
 });
 
+Deno.test({
+  name: 'RateLimit middleware - it should NOT return 429 error when whitelisted path',
+  async fn() {
+    const rateLimit = new RateLimit();
+    const middleware = rateLimit.middleware({
+      limit: 1,
+      windowMs: 1000,
+    }, ['/api/check']);
+
+    const next = () => {
+      return;
+    };
+
+    const req1 = newRequest();
+    await middleware(req1 as Context, next as Next);
+    assertEquals(req1.response.status, 0);
+
+    const req2 = newRequest();
+    await middleware(req2 as Context, next as Next);
+    assertEquals(req2.response.status, 0);
+  },
+});
+
 Deno.test({
   name: 'RateLimit middleware - it should reset counter after windowMs',
   async fn() {

test/routes/error/searchdocs-url-error.test.ts

@@ -6,6 +6,7 @@ Deno.test({
   name: 'SearchDocs route error - it should NOT return search results - url is not set',
   async fn() {
     Deno.env.set('APP_URL', 'http://localhost:8000');
+    Deno.env.set('APP_FILES', 'README.md');
 
     const searchParams = new URLSearchParams();
     searchParams.append(SearchDocsQueryParams.query, 'Skimming');
@@ -15,7 +16,7 @@ Deno.test({
       .send()
       .expect(500);
 
-    assert(response.body.error.includes('error sending request for url (http://localhost:8000/README.md)'));
+    assert(response.body.error.includes('client error (Connect)'));
 
     // teardown
     Deno.env.set('APP_URL', 'https://raw.githubusercontent.com/petruki/skimming/master/');

test/routes/searchdocs.functional.test.ts

@@ -1,7 +1,7 @@
 import app from '../../src/app.ts';
 import { SearchDocsQueryParams } from '../../src/dto/request.ts';
-import { SearchDocsResponseDto } from '../../src/dto/response.ts';
-import { assert, assertEquals, IResponse, superoak } from '../deps.ts';
+import type { SearchDocsResponseDto } from '../../src/dto/response.ts';
+import { assert, assertEquals, type IResponse, superoak } from '../deps.ts';
 
 Deno.test({
   name: 'SearchDocs route - it should return search results from cache on second request',

test/routes/searchdocs.test.ts

@@ -1,7 +1,7 @@
 import app from '../../src/app.ts';
 import { SearchDocsQueryParams } from '../../src/dto/request.ts';
-import { SearchDocsResponseDto } from '../../src/dto/response.ts';
-import { assert, assertEquals, IResponse, superoak } from '../deps.ts';
+import type { SearchDocsResponseDto } from '../../src/dto/response.ts';
+import { assert, assertEquals, type IResponse, superoak } from '../deps.ts';
 
 Deno.test({
   name: 'SearchDocs route - it should return search results',