Api: throttle not work as expected

Created on 13 Mar 2019 · 3Comments · Source: dingo/api

| Q | A
| ----------------- | ---
| Bug? | yes
| New Feature? | no
| Framework | Lumen
| Framework version | 5.8.2
| Package version | 2.1.0
| PHP version | 7.3.3/7.1.27

Actual Behaviour

my route

$api->group([
    'middleware' => [
        'api.throttle',
        'serializer:json_api',
    ],
    'limit' => 1, // test
    'expires' =>1, // test
], function () use ($api) {
// ...

return headers on postman

Server →nginx/1.15.8
Content-Type →application/json
Transfer-Encoding →chunked
Connection →keep-alive
Cache-Control →private, must-revalidate
Date →Wed, 13 Mar 2019 03:14:27 GMT
X-RateLimit-Limit →1
X-RateLimit-Remaining →0
X-RateLimit-Reset →1552446927
ETag →"8e283d2087fe2bb2d092bb07f13bd567e9f1ebbc"
Content-Language →en

but still 200 OK status code

Expected Behaviour

Must be return 429 Too Many Requests status

{
    "message": "You have exceeded your rate limit.",
    "status_code": 429
}

Steps to Reproduce

set your limtt and expire both to 1, and make request 2 times, to just make sure it will produce header like on below

X-RateLimit-Limit →1
X-RateLimit-Remaining →0

Possible Solutions

Source

lloricode

Most helpful comment

Hi @lloricode thanks for raising this, it's actually a good point - the only place I think cache is used in Dingo is for throttling, and it is something that hasn't been updated to accommodate laravel 5.8.

I've now updated this, and tagged as 2.2.0, so after you update the package, be mindful to change your setting back.