fix: multiple ratelimit

JimmyLv · Mar 7, 2023 · 4364722 · 4364722 · vercel · Mar 7, 2023
1 parent 1ad1428
commit 4364722
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 8 deletions.
diff --git a/lib/upstash.ts b/lib/upstash.ts
@@ -2,11 +2,19 @@ import { Ratelimit } from "@upstash/ratelimit";
 import { Redis } from "@upstash/redis";
 import { FREE_LIMIT_COUNT, LOGIN_LIMIT_COUNT } from "~/utils/constants";
 
-export const ratelimit = new Ratelimit({
-  redis: new Redis({
-    url: process.env.UPSTASH_RATE_REDIS_REST_URL,
-    token: process.env.UPSTASH_RATE_REDIS_REST_TOKEN,
-  }),
+const redis = new Redis({
+  url: process.env.UPSTASH_RATE_REDIS_REST_URL,
+  token: process.env.UPSTASH_RATE_REDIS_REST_TOKEN,
+});
+
+export const ratelimitForIps = new Ratelimit({
+  redis,
+  // 速率限制算法 https://github.com/upstash/ratelimit#ratelimiting-algorithms
+  limiter: Ratelimit.fixedWindow(FREE_LIMIT_COUNT, "1 d"),
+  analytics: true, // <- Enable analytics
+});
+export const ratelimitForFreeAccounts = new Ratelimit({
+  redis,
   // 速率限制算法 https://github.com/upstash/ratelimit#ratelimiting-algorithms
   limiter: Ratelimit.fixedWindow(LOGIN_LIMIT_COUNT, "1 d"),
   analytics: true, // <- Enable analytics

diff --git a/middleware.ts b/middleware.ts
@@ -5,7 +5,7 @@ import { NextResponse } from "next/server";
 import { SummarizeParams } from "~/lib/types";
 import { validateLicenseKey } from "./lib/lemon";
 import { checkOpenaiApiKeys } from "./lib/openai/openai";
-import { ratelimit } from "./lib/upstash";
+import { ratelimitForFreeAccounts, ratelimitForIps } from "./lib/upstash";
 import { isDev } from "./utils/env";
 
 const redis = Redis.fromEnv();
@@ -39,7 +39,7 @@ export async function middleware(req: NextRequest, context: NextFetchEvent) {
 
   if (!userKey) {
     const identifier = req.ip ?? "127.0.0.7";
-    const { success, remaining } = await ratelimit.limit(identifier);
+    const { success, remaining } = await ratelimitForIps.limit(identifier);
     console.log(`======== ip ${identifier}, remaining: ${remaining} ========`);
     if (!success) {
       // We need to create a response and hand it to the supabase client to be able to modify the response headers.
@@ -55,7 +55,9 @@ export async function middleware(req: NextRequest, context: NextFetchEvent) {
       const userEmail = session?.user.email;
       if (userEmail) {
         // Authentication successful, forward request to protected route.
-        const { success, remaining } = await ratelimit.limit(userEmail);
+        const { success, remaining } = await ratelimitForFreeAccounts.limit(
+          userEmail
+        );
         console.log(
           `======== user ${userEmail}, remaining: ${remaining} ========`
         );