einherjar/cache-valkey
2
0
Fork 0
Code Issues Pull Requests Packages Releases 1 Activity
Files
df7aa63e5c03434fd063a28c526c3eccc643894c
cache-valkey/rate_limiter_store.go
Rene Nochebuena df7aa63e5c feat(cache-valkey): initial implementation — Provider, adapters (v1.0.0) 
Introduces code.nochebuena.dev/einherjar/cache-valkey — the Valkey cache starter
for the Einherjar framework. Absorbs the valkey package from micro-lib and adds
three duck-typed adapters that wire directly into auth, web, and auth-jwt.

Core:
- Provider interface — Get, Set, Del, Exists, Expire, IncrWithTTL, Native()
- Component interface — lifecycle.Component + observability.Checkable + Provider
- Config struct (EINHERJAR_VALKEY_* env vars)
- New(logger, cfg) Component — creates valkey-go client in OnInit;
  PING in OnStart; logs "valkey: connected"
- IncrWithTTL implemented with Lua script (atomic INCR + conditional EXPIRE);
  race-free fixed-window semantics with no MULTI/EXEC overhead
- Priority: LevelDegraded — Valkey outage degrades, does not halt the service

Adapters (duck-typed — no import of auth, web, or auth-jwt):
- PermissionCache — Get/Set int64 bitmasks as string; satisfies auth/rbac.Cache
- RateLimiterStore — fixed-window via IncrWithTTL; satisfies web/mw.RateLimiterStore
- Blacklist — Exists/Set "1" with TTL; satisfies auth-jwt.Blacklist

Compliance test verifies CT-6, duck-type shape assignments, and full adapter
behavioural coverage with a mockProvider (no live server required).

- Component interface embeds observability.Identifiable; identifiable.go implements
  ModulePath and ModuleVersion via runtime/debug.ReadBuildInfo() — prints in launcher banner
2026-05-29 15:58:56 +00:00

43 lines
1.5 KiB
Go
Raw Blame History

package cachevalkey
import (
"context"
"time"
)
// rateLimiterStoreShape mirrors web/mw.RateLimiterStore for compile-time duck-type verification.
// Cache-valkey must not import web (D-1), so the shape is defined locally.
type rateLimiterStoreShape interface {
Allow(ctx context.Context, key string) (bool, error)
}
var _ rateLimiterStoreShape = (*RateLimiterStore)(nil)
// RateLimiterStore is a Valkey-backed fixed-window rate limiter.
// Satisfies web/mw.RateLimiterStore via duck typing — no import of that package required.
//
// window is the length of the time window; limit is the maximum number of requests
// allowed within that window. When the store is temporarily unavailable, Allow returns
// (false, err); the web middleware fails open on non-nil errors.
type RateLimiterStore struct {
provider Provider
window time.Duration
limit int64
}
// NewRateLimiterStore returns a RateLimiterStore backed by p.
// window is the rate limit window; limit is the maximum requests per window.
func NewRateLimiterStore(p Provider, window time.Duration, limit int64) *RateLimiterStore {
return &RateLimiterStore{provider: p, window: window, limit: limit}
}
// Allow reports whether the request identified by key is within the rate limit.
// Uses a fixed-window counter stored in Valkey (atomically via Lua).
func (s *RateLimiterStore) Allow(ctx context.Context, key string) (bool, error) {
count, err := s.provider.IncrWithTTL(ctx, key, s.window)
if err != nil {
return false, err
}
return count <= s.limit, nil
}
Reference in New Issue View Git Blame Copy Permalink