Fix the ratelimit in HumanInputFormApi (vibe-kanban bcdc0260)

The file path is: api/controllers/web/human\_input\_form.py. I have checked the implementation of RateLimiter and suspect this is a bug of the RateLimiter class. Try to use TDD way to locate and fix this issue.
2026-05-06 02:18:08 +08:00 · 2026-01-28 08:19:51 +08:00
parent 966a87b81a
commit 6225975f43
3 changed files with 125 additions and 7 deletions
--- a/api/tests/test_containers_integration_tests/libs/test_rate_limiter_integration.py
+++ b/api/tests/test_containers_integration_tests/libs/test_rate_limiter_integration.py
@ -0,0 +1,25 @@
+"""
+Integration tests for RateLimiter using testcontainers Redis.
+"""
+
+import uuid
+
+import pytest
+
+from extensions.ext_redis import redis_client
+from libs import helper as helper_module
+
+
+@pytest.mark.usefixtures("flask_app_with_containers")
+def test_rate_limiter_counts_multiple_attempts_in_same_second(monkeypatch):
+    prefix = f"test_rate_limit:{uuid.uuid4().hex}"
+    limiter = helper_module.RateLimiter(prefix=prefix, max_attempts=2, time_window=60)
+    key = limiter._get_key("203.0.113.10")
+
+    redis_client.delete(key)
+    monkeypatch.setattr(helper_module.time, "time", lambda: 1_700_000_000)
+
+    limiter.increment_rate_limit("203.0.113.10")
+    limiter.increment_rate_limit("203.0.113.10")
+
+    assert limiter.is_rate_limited("203.0.113.10") is True