feat: implement API versioning /api/v1/
- All backend routers moved to /api/v1/ prefix
- Frontend BASE_URL updated to /api/v1
- Setup redirect middleware updated to redirect to /api/v1/setup
- Health router path fixed: prefix=/api/v1/health, @router.get('')
- conftest.py: set server_status=online for test fixture
- Created Docs/API_VERSIONING.md with deprecation policy
- Updated Docs/Backend-Development.md with versioning section
- Updated Instructions.md curl examples
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
@@ -86,6 +86,54 @@ ps aux | grep <pid>
|
||||
|
||||
---
|
||||
|
||||
## Rate Limiting
|
||||
|
||||
### Getting 429 Too Many Requests
|
||||
|
||||
**Symptom:** API returns HTTP 429 with `rate_limit_exceeded` error code.
|
||||
|
||||
**Cause:** You have exceeded the per-IP rate limit for a specific operation.
|
||||
|
||||
**Diagnosis:**
|
||||
1. Check the `Retry-After` header in the response — this tells you how many seconds to wait
|
||||
2. Look for the log event `*_rate_limit_exceeded` which shows the bucket and client IP
|
||||
|
||||
**Rate limit buckets:**
|
||||
| Bucket | Limit | Window | Operations |
|
||||
|--------|-------|--------|------------|
|
||||
| `bans:ban` | 100 | 1 minute | Ban IP addresses |
|
||||
| `bans:unban` | 100 | 1 minute | Unban IP addresses |
|
||||
| `blocklist:import` | 10 | 1 hour | Import blocklists |
|
||||
| `config:update` | 50 | 1 minute | Update configuration |
|
||||
| `jail:update` | 100 | 1 minute | Update jail config |
|
||||
| `jail:create` | 100 | 1 minute | Add log paths, assign filters/actions |
|
||||
| `jail:delete` | 100 | 1 minute | Remove log paths, actions |
|
||||
| `jail:activate` | 100 | 1 minute | Activate jails |
|
||||
| `jail:deactivate` | 100 | 1 minute | Deactivate jails |
|
||||
| `filter:update` | 50 | 1 minute | Update filters |
|
||||
| `filter:create` | 50 | 1 minute | Create filters |
|
||||
| `filter:delete` | 50 | 1 minute | Delete filters |
|
||||
| `action:update` | 50 | 1 minute | Update actions |
|
||||
| `action:create` | 50 | 1 minute | Create actions |
|
||||
| `action:delete` | 50 | 1 minute | Delete actions |
|
||||
|
||||
**Solution:**
|
||||
1. Wait for the `Retry-After` period before retrying
|
||||
2. If you hit the limit during legitimate bulk operations, consider batching requests
|
||||
3. For blocklist imports (10/hour), ensure automated imports are not more frequent
|
||||
|
||||
**Prevention:**
|
||||
- Monitor `*_rate_limit_exceeded` log events
|
||||
- Adjust limits via environment variables if needed (see `Docs/CONFIGURATION.md`)
|
||||
- For bulk operations, implement client-side throttling
|
||||
|
||||
**Note:** If rate limiting triggers unexpectedly for legitimate use, check for:
|
||||
- Internal monitoring scripts hitting endpoints too frequently
|
||||
- Multiple users behind the same proxy IP
|
||||
- Stale rate limit state after process restart (uses in-memory tracking)
|
||||
|
||||
---
|
||||
|
||||
## General Recovery Commands
|
||||
|
||||
Clear all locks:
|
||||
|
||||
Reference in New Issue
Block a user