File cleanup/organization in controllers/concerns (#27846)

2023-11-30 09:39:41 -05:00 · 2023-11-30 09:39:41 -05:00 · 1f1c75bba5
commit 1f1c75bba5
parent 0530ce5e95
22 changed files with 26 additions and 26 deletions
--- a/app/controllers/concerns/api/access_token_tracking_concern.rb
+++ b/app/controllers/concerns/api/access_token_tracking_concern.rb
@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Api::AccessTokenTrackingConcern
+  extend ActiveSupport::Concern
+
+  ACCESS_TOKEN_UPDATE_FREQUENCY = 24.hours.freeze
+
+  included do
+    before_action :update_access_token_last_used
+  end
+
+  private
+
+  def update_access_token_last_used
+    doorkeeper_token.update_last_used(request) if access_token_needs_update?
+  end
+
+  def access_token_needs_update?
+    doorkeeper_token.present? && (doorkeeper_token.last_used_at.nil? || doorkeeper_token.last_used_at < ACCESS_TOKEN_UPDATE_FREQUENCY.ago)
+  end
+end
--- a/app/controllers/concerns/api/caching_concern.rb
+++ b/app/controllers/concerns/api/caching_concern.rb
@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Api::CachingConcern
+  extend ActiveSupport::Concern
+
+  def cache_if_unauthenticated!
+    expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
+  end
+
+  def cache_even_if_authenticated!
+    expires_in(5.minutes, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless limited_federation_mode?
+  end
+end
--- a/app/controllers/concerns/api/rate_limit_headers.rb
+++ b/app/controllers/concerns/api/rate_limit_headers.rb
@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+module Api::RateLimitHeaders
+  extend ActiveSupport::Concern
+
+  class_methods do
+    def override_rate_limit_headers(method_name, options = {})
+      around_action(only: method_name, if: :current_account) do |_controller, block|
+        block.call
+      ensure
+        rate_limiter = RateLimiter.new(current_account, options)
+        rate_limit_headers = rate_limiter.to_headers
+        response.headers.merge!(rate_limit_headers) unless response.headers['X-RateLimit-Remaining'].present? && rate_limit_headers['X-RateLimit-Remaining'].to_i > response.headers['X-RateLimit-Remaining'].to_i
+      end
+    end
+  end
+
+  included do
+    before_action :set_rate_limit_headers, if: :rate_limited_request?
+  end
+
+  private
+
+  def set_rate_limit_headers
+    apply_header_limit
+    apply_header_remaining
+    apply_header_reset
+  end
+
+  def rate_limited_request?
+    !request.env['rack.attack.throttle_data'].nil?
+  end
+
+  def apply_header_limit
+    response.headers['X-RateLimit-Limit'] = rate_limit_limit
+  end
+
+  def rate_limit_limit
+    api_throttle_data[:limit].to_s
+  end
+
+  def apply_header_remaining
+    response.headers['X-RateLimit-Remaining'] = rate_limit_remaining
+  end
+
+  def rate_limit_remaining
+    (api_throttle_data[:limit] - api_throttle_data[:count]).to_s
+  end
+
+  def apply_header_reset
+    response.headers['X-RateLimit-Reset'] = rate_limit_reset
+  end
+
+  def rate_limit_reset
+    (request_time + reset_period_offset).iso8601(6)
+  end
+
+  def api_throttle_data
+    most_limited_type, = request.env['rack.attack.throttle_data'].min_by { |_key, value| value[:limit] - value[:count] }
+    request.env['rack.attack.throttle_data'][most_limited_type]
+  end
+
+  def request_time
+    @request_time ||= Time.now.utc
+  end
+
+  def reset_period_offset
+    api_throttle_data[:period] - (request_time.to_i % api_throttle_data[:period])
+  end
+end