The rate-limiting headers are set incorrectly when you're using private (logged-in) rate limiting.
For example, if you set a limit of 100 tokens per 60 seconds for the logged-in user and a default of 200 tokens per 60 seconds, the default is returned in the headers (except for the 'remaining' header, which is set correctly).
This new code fixes it in lib/setup/routes.js, line 264:
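// Advertise the policy of the limiter that is actually consulted, so the
// limit/window in the headers agree with the `remaining` count it reports.
const activeLimit = isPrivate ? config.rateLimit.private : config.rateLimit;

/**
 * Write the RateLimit-Policy and RateLimit headers for the active limiter.
 * @param {{msBeforeNext: number, remainingPoints: number}} rateLimiterRes - result passed by consume()
 * @returns {number} seconds until the window resets, rounded up
 */
const setRateLimitHeaders = (rateLimiterRes) => {
  const reset = Math.ceil(rateLimiterRes.msBeforeNext / 1000);
  res.set('RateLimit-Policy', `${activeLimit.points};w=${activeLimit.duration}`);
  res.set('RateLimit', `limit=${activeLimit.points}, remaining=${rateLimiterRes.remainingPoints}, reset=${reset}`);
  return reset;
};

app[isPrivate ? 'privateRateLimiter' : 'rateLimiter'].consume(key, points).then(rateLimiterRes => {
  setRateLimitHeaders(rateLimiterRes);
  next();
}).catch(rateLimiterRes => {
  // An Error here is not a "limit exceeded" result: it can be a throw from the
  // success handler above (presumably also a limiter/store failure; confirm
  // against the limiter library). Hand it to the error middleware instead of
  // answering 429 with `reset=NaN` / `Retry-After: NaN`.
  if (rateLimiterRes instanceof Error) {
    next(rateLimiterRes);
    return;
  }
  const reset = setRateLimitHeaders(rateLimiterRes);
  // Retry-After mirrors the reset value so clients back off until the window reopens.
  res.set('Retry-After', reset);
  if (req.is('json')) {
    res.status(429).json({ error: 'Too Many Requests' });
  } else {
    res.status(429).send('Too Many Requests');
  }
});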
Can we get this as a permanent fix? Thanks