einherjar/cache-valkey
2
0
Fork 0
Code Issues Pull Requests Packages Releases 1 Activity
Files
main
cache-valkey/rate_limiter_store.go

43 lines
1.5 KiB
Go
Raw Permalink Normal View History

feat(cache-valkey): initial implementation — Provider, adapters (v1.0.0) Introduces code.nochebuena.dev/einherjar/cache-valkey — the Valkey cache starter for the Einherjar framework. Absorbs the valkey package from micro-lib and adds three duck-typed adapters that wire directly into auth, web, and auth-jwt. Core: - Provider interface — Get, Set, Del, Exists, Expire, IncrWithTTL, Native() - Component interface — lifecycle.Component + observability.Checkable + Provider - Config struct (EINHERJAR_VALKEY_* env vars) - New(logger, cfg) Component — creates valkey-go client in OnInit; PING in OnStart; logs "valkey: connected" - IncrWithTTL implemented with Lua script (atomic INCR + conditional EXPIRE); race-free fixed-window semantics with no MULTI/EXEC overhead - Priority: LevelDegraded — Valkey outage degrades, does not halt the service Adapters (duck-typed — no import of auth, web, or auth-jwt): - PermissionCache — Get/Set int64 bitmasks as string; satisfies auth/rbac.Cache - RateLimiterStore — fixed-window via IncrWithTTL; satisfies web/mw.RateLimiterStore - Blacklist — Exists/Set "1" with TTL; satisfies auth-jwt.Blacklist Compliance test verifies CT-6, duck-type shape assignments, and full adapter behavioural coverage with a mockProvider (no live server required). - Component interface embeds observability.Identifiable; identifiable.go implements ModulePath and ModuleVersion via runtime/debug.ReadBuildInfo() — prints in launcher banner
2026-05-29 15:58:56 +00:00
package cachevalkey
import (
"context"
"time"
)
// rateLimiterStoreShape mirrors web/mw.RateLimiterStore for compile-time duck-type verification.
// Cache-valkey must not import web (D-1), so the shape is defined locally.
type rateLimiterStoreShape interface {
Allow(ctx context.Context, key string) (bool, error)
}
var _ rateLimiterStoreShape = (*RateLimiterStore)(nil)
// RateLimiterStore is a Valkey-backed fixed-window rate limiter.
// Satisfies web/mw.RateLimiterStore via duck typing — no import of that package required.
//
// window is the length of the time window; limit is the maximum number of requests
// allowed within that window. When the store is temporarily unavailable, Allow returns
// (false, err); the web middleware fails open on non-nil errors.
type RateLimiterStore struct {
provider Provider
window time.Duration
limit int64
}
// NewRateLimiterStore returns a RateLimiterStore backed by p.
// window is the rate limit window; limit is the maximum requests per window.
func NewRateLimiterStore(p Provider, window time.Duration, limit int64) *RateLimiterStore {
return &RateLimiterStore{provider: p, window: window, limit: limit}
}
// Allow reports whether the request identified by key is within the rate limit.
// Uses a fixed-window counter stored in Valkey (atomically via Lua).
func (s *RateLimiterStore) Allow(ctx context.Context, key string) (bool, error) {
count, err := s.provider.IncrWithTTL(ctx, key, s.window)
if err != nil {
return false, err
}
return count <= s.limit, nil
}
Reference in New Issue Copy Permalink