SCIX-897 feat: reconcile rate limiting and 429 error handling#901
Draft
thostetler wants to merge 2 commits into
Draft
SCIX-897 feat: reconcile rate limiting and 429 error handling#901thostetler wants to merge 2 commits into
thostetler wants to merge 2 commits into
Conversation
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #901 +/- ##
========================================
+ Coverage 67.0% 67.0% +0.1%
========================================
Files 346 347 +1
Lines 41042 41410 +368
Branches 2084 2132 +48
========================================
+ Hits 27489 27744 +255
- Misses 13508 13621 +113
Partials 45 45
🚀 New features to boost your workflow:
|
The node IP limiter redirected rate-limited users to / with a generic toast, so its 429s and upstream API 429s took different paths and no caller saw a real status. Reconcile them, with dedicated auth-aware copy. 1. Middleware returns a real 429 (+ Retry-After) instead of redirecting — an HTML page for document navigations, JSON for XHRs 2. Node and upstream 429s share one client path: a toast for background requests, an inline SearchErrorAlert for foreground queries 3. Only anonymous users get the account-creation CTA; authenticated users (and the auth-unaware parseAPIError) get a plain message 4. Exempt the whole /user/account/ auth surface and /api/user from the node limiter so the CTA and emailed verify/reset links stay reachable 5. Stop retrying 429 search requests; React Query stays retry:false
parseAPIError 429 detection + plain copy, and useSolrError 429 mapping with auth-conditional inline copy.
9d7ea36 to
a4d0453
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The node edge middleware's IP rate limiter redirected rate-limited users to the
home page with a generic toast, so its 429s and the upstream API gateway's 429s
took different code paths and no caller ever saw a real HTTP 429. Users got
inconsistent feedback and no path to a higher limit.
minimal HTML page for document navigations, JSON for XHRs
requests and an inline SearchErrorAlert for foreground queries
authenticated users and the auth-unaware parseAPIError get a plain message
account-creation link stays reachable when rate limited
Authenticated:



Anonymous:


