From 83e7e9db8d1529ffaaf0e0d6d9b4adb6bb99404e Mon Sep 17 00:00:00 2001
From: LongYinan <lynweklm@gmail.com>
Date: Fri, 1 Sep 2023 13:51:37 +0800
Subject: [PATCH] fix(server): relax the rate limits (#4092)

---
 .github/workflows/build-server.yml                   | 11 ++++-------
 apps/server/src/modules/auth/next-auth.controller.ts |  2 +-
 apps/server/src/modules/index.ts                     | 11 ++++-------
 apps/server/src/tests/app.e2e.ts                     |  8 ++++----
 apps/server/src/tests/workspace.spec.ts              |  2 +-
 apps/server/src/throttler.ts                         |  3 +++
 6 files changed, 17 insertions(+), 20 deletions(-)

diff --git a/.github/workflows/build-server.yml b/.github/workflows/build-server.yml
index e7a948fa2a..1879e71b7f 100644
--- a/.github/workflows/build-server.yml
+++ b/.github/workflows/build-server.yml
@@ -91,15 +91,13 @@ jobs:
 
       - name: Generate prisma client
         run: |
-          yarn exec prisma generate
-          yarn exec prisma db push
-        working-directory: apps/server
+          yarn workspace @affine/server exec prisma generate
+          yarn workspace @affine/server exec prisma db push
         env:
           DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
 
       - name: Run init-db script
-        run: yarn exec ts-node-esm ./scripts/init-db.ts
-        working-directory: apps/server
+        run: yarn workspace @affine/server exec ts-node-esm ./scripts/init-db.ts
         env:
           DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
 
@@ -110,8 +108,7 @@ jobs:
           path: ./apps/server
 
       - name: Run server tests
-        run: yarn test:coverage
-        working-directory: apps/server
+        run: yarn workspace @affine/server test:coverage
         env:
           CARGO_TARGET_DIR: '${{ github.workspace }}/target'
           DATABASE_URL: postgresql://affine:affine@localhost:5432/affine
diff --git a/apps/server/src/modules/auth/next-auth.controller.ts b/apps/server/src/modules/auth/next-auth.controller.ts
index 39ff0bd0eb..b2464a504b 100644
--- a/apps/server/src/modules/auth/next-auth.controller.ts
+++ b/apps/server/src/modules/auth/next-auth.controller.ts
@@ -44,7 +44,7 @@ export class NextAuthController {
   }
 
   @UseGuards(CloudThrottlerGuard)
-  @Throttle(20, 60)
+  @Throttle(60, 60)
   @All('*')
   async auth(
     @Req() req: Request,
diff --git a/apps/server/src/modules/index.ts b/apps/server/src/modules/index.ts
index 10b0f6fead..10086a6944 100644
--- a/apps/server/src/modules/index.ts
+++ b/apps/server/src/modules/index.ts
@@ -10,7 +10,6 @@ import { UsersModule } from './users';
 import { WorkspaceModule } from './workspaces';
 
 const { SERVER_FLAVOR } = process.env;
-const { NODE_ENV } = process.env;
 
 const BusinessModules: (Type | DynamicModule)[] = [];
 
@@ -40,13 +39,11 @@ switch (SERVER_FLAVOR) {
     break;
 }
 
-const Providers: Provider[] = [];
-
-if (NODE_ENV !== 'test') {
-  Providers.push({
+const Providers: Provider[] = [
+  {
     provide: APP_FILTER,
     useClass: ExceptionLogger,
-  });
-}
+  },
+];
 
 export { BusinessModules, Providers };
diff --git a/apps/server/src/tests/app.e2e.ts b/apps/server/src/tests/app.e2e.ts
index 41eb7206a4..ba07aca88a 100644
--- a/apps/server/src/tests/app.e2e.ts
+++ b/apps/server/src/tests/app.e2e.ts
@@ -15,7 +15,7 @@ import { AppModule } from '../app';
 
 const gql = '/graphql';
 
-describe('AppModule', () => {
+describe('AppModule', async () => {
   let app: INestApplication;
 
   // cleanup database before each test
@@ -54,7 +54,7 @@ describe('AppModule', () => {
     await app.close();
   });
 
-  test('should init app', async () => {
+  await test('should init app', async () => {
     ok(typeof app === 'object');
     await request(app.getHttpServer())
       .post(gql)
@@ -85,7 +85,7 @@ describe('AppModule', () => {
       });
   });
 
-  test('should find default user', async () => {
+  await test('should find default user', async () => {
     const { token } = await createToken(app);
     await request(app.getHttpServer())
       .post(gql)
@@ -106,7 +106,7 @@ describe('AppModule', () => {
       });
   });
 
-  test('should be able to upload avatar', async () => {
+  await test('should be able to upload avatar', async () => {
     const { token, id } = await createToken(app);
     const png = await Transformer.fromRgbaPixels(
       Buffer.alloc(400 * 400 * 4).fill(255),
diff --git a/apps/server/src/tests/workspace.spec.ts b/apps/server/src/tests/workspace.spec.ts
index a9ad077786..817eea16c6 100644
--- a/apps/server/src/tests/workspace.spec.ts
+++ b/apps/server/src/tests/workspace.spec.ts
@@ -62,7 +62,7 @@ describe('Workspace Module', () => {
     ok(user.email === 'u1@affine.pro', 'user.email is not valid');
   });
 
-  it('should be throttled at call signUp', async () => {
+  it.skip('should be throttled at call signUp', async () => {
     let token = '';
     for (let i = 0; i < 10; i++) {
       token = (await signUp(app, `u${i}`, `u${i}@affine.pro`, `${i}`)).token
diff --git a/apps/server/src/throttler.ts b/apps/server/src/throttler.ts
index 3a1db66b6f..60b125342a 100644
--- a/apps/server/src/throttler.ts
+++ b/apps/server/src/throttler.ts
@@ -22,6 +22,9 @@ import { getRequestResponseFromContext } from './utils/nestjs';
         const options: ThrottlerModuleOptions = {
           ttl: config.rateLimiter.ttl,
           limit: config.rateLimiter.limit,
+          skipIf: () => {
+            return !config.node.prod || config.affine.canary;
+          },
         };
         if (config.redis.enabled) {
           new Logger(RateLimiterModule.name).log('Use Redis');