mw/in_memory_rate_limiter_store.go

package mw

import (
	"context"
	"sync"
	"time"

	"golang.org/x/time/rate"
)

var _ RateLimiterStore = (*InMemoryRateLimiterStore)(nil)

const inMemoryCleanupInterval = 5 * time.Minute

type limiterEntry struct {
	limiter  *rate.Limiter
	lastSeen time.Time
}

// InMemoryRateLimiterStore is a per-key token-bucket rate limiter backed by
// an in-memory map. Suitable for single-instance deployments or development.
// For distributed rate limiting implement [RateLimiterStore] with a Valkey or
// Redis backend and pass it to [IPRateLimit] or [UserRateLimit] instead.
//
// Stale entries are evicted every 5 minutes by a background goroutine.
// [Allow] always returns a nil error — in-memory never has infrastructure failures.
type InMemoryRateLimiterStore struct {
	mu    sync.Map
	rps   rate.Limit
	burst int
}

// NewInMemoryRateLimiterStore creates a per-key token bucket store.
// rps is the sustained request rate per second per key.
// burst is the maximum instantaneous burst per key.
func NewInMemoryRateLimiterStore(rps float64, burst int) *InMemoryRateLimiterStore {
	s := &InMemoryRateLimiterStore{
		rps:   rate.Limit(rps),
		burst: burst,
	}
	go s.cleanupLoop()
	return s
}

// Allow returns true when the request for key is within the configured rate limit.
func (s *InMemoryRateLimiterStore) Allow(_ context.Context, key string) (bool, error) {
	now := time.Now()
	v, _ := s.mu.LoadOrStore(key, &limiterEntry{
		limiter:  rate.NewLimiter(s.rps, s.burst),
		lastSeen: now,
	})
	e := v.(*limiterEntry)
	e.lastSeen = now
	return e.limiter.Allow(), nil
}

// cleanupLoop runs for the lifetime of the process; it stops only when the process exits.
// This is intentional: InMemoryRateLimiterStore is stateless from a lifecycle perspective.
func (s *InMemoryRateLimiterStore) cleanupLoop() {
	ticker := time.NewTicker(inMemoryCleanupInterval)
	defer ticker.Stop()
	for range ticker.C {
		cutoff := time.Now().Add(-inMemoryCleanupInterval)
		s.mu.Range(func(k, v any) bool {
			if v.(*limiterEntry).lastSeen.Before(cutoff) {
				s.mu.Delete(k)
			}
			return true
		})
	}
}
feat(web): initial implementation — server, mw, httputil, health (v1.0.0) Introduces code.nochebuena.dev/einherjar/web — the HTTP transport layer of the Einherjar framework. Absorbs httpserver, httpmw, and httputil from micro-lib, replacing gorilla/mux with chi, adopting SecurityBag-native middleware, and centralizing error handling through a single httputil.Error function. server: - Server interface — embeds lifecycle.Component and chi.Router - Config struct (EINHERJAR_SERVER_* env vars); DefaultConfig - New(logger, cfg, opts...) Server; WithMiddleware option - Binds TCP synchronously in OnStart; logs "server: listening" on success - Graceful shutdown within ShutdownTimeout on OnStop mw: - Recover — catches panics, returns 500, logs at Error - RequestID — injects UUID v7 (UUID v4 fallback) into context and X-Request-ID header - RequestLogger — structured access log per request - CORS / CORSAllowAll — chi-based, applied only when origins non-empty - IPRateLimit / UserRateLimit — pluggable RateLimiterStore interface - InMemoryRateLimiterStore — token-bucket backed by golang.org/x/time/rate; background goroutine evicts stale entries every 5 minutes - StatusRecorder — wraps ResponseWriter to capture HTTP status code httputil: - Handle[Req, Res] / HandleNoBody[Res] / HandleEmpty[Req] — generic handler adapters - Error(logger, w, r, err) — derives log level from status (≥500→Error, 4xx→Warn, 499→Info); writes standardized JSON body; logz enriches *xerrors.Err automatically - JSON(w, status, v) / NoContent(w) — response helpers - HandlerFunc adapter type health: - NewHandler / NewHandlerWithConfig — runs all Checkable checks concurrently; returns JSON {status, components} with per-component latency and error - Config struct (EINHERJAR_HEALTH_CHECK_TIMEOUT, default 5s) Root factory: - web.New(logger, cfg...) Server — composes Recover+RequestID+RequestLogger+CORS in outermost-first order; CORS applied only when AllowedOrigins non-empty - server.Server interface and web/server/identifiable.go: embeds observability.Identifiable; ModulePath and ModuleVersion read via runtime/debug.ReadBuildInfo() — prints in launcher banner 2026-05-29 15:48:11 +00:00			`package mw`

			`import (`
			`"context"`
			`"sync"`
			`"time"`

			`"golang.org/x/time/rate"`
			`)`

			`var _ RateLimiterStore = (*InMemoryRateLimiterStore)(nil)`

			`const inMemoryCleanupInterval = 5 * time.Minute`

			`type limiterEntry struct {`
			`limiter *rate.Limiter`
			`lastSeen time.Time`
			`}`

			`// InMemoryRateLimiterStore is a per-key token-bucket rate limiter backed by`
			`// an in-memory map. Suitable for single-instance deployments or development.`
			`// For distributed rate limiting implement [RateLimiterStore] with a Valkey or`
			`// Redis backend and pass it to [IPRateLimit] or [UserRateLimit] instead.`
			`//`
			`// Stale entries are evicted every 5 minutes by a background goroutine.`
			`// [Allow] always returns a nil error — in-memory never has infrastructure failures.`
			`type InMemoryRateLimiterStore struct {`
			`mu sync.Map`
			`rps rate.Limit`
			`burst int`
			`}`

			`// NewInMemoryRateLimiterStore creates a per-key token bucket store.`
			`// rps is the sustained request rate per second per key.`
			`// burst is the maximum instantaneous burst per key.`
			`func NewInMemoryRateLimiterStore(rps float64, burst int) *InMemoryRateLimiterStore {`
			`s := &InMemoryRateLimiterStore{`
			`rps: rate.Limit(rps),`
			`burst: burst,`
			`}`
			`go s.cleanupLoop()`
			`return s`
			`}`

			`// Allow returns true when the request for key is within the configured rate limit.`
			`func (s *InMemoryRateLimiterStore) Allow(_ context.Context, key string) (bool, error) {`
			`now := time.Now()`
			`v, _ := s.mu.LoadOrStore(key, &limiterEntry{`
			`limiter: rate.NewLimiter(s.rps, s.burst),`
			`lastSeen: now,`
			`})`
			`e := v.(*limiterEntry)`
			`e.lastSeen = now`
			`return e.limiter.Allow(), nil`
			`}`

			`// cleanupLoop runs for the lifetime of the process; it stops only when the process exits.`
			`// This is intentional: InMemoryRateLimiterStore is stateless from a lifecycle perspective.`
			`func (s *InMemoryRateLimiterStore) cleanupLoop() {`
			`ticker := time.NewTicker(inMemoryCleanupInterval)`
			`defer ticker.Stop()`
			`for range ticker.C {`
			`cutoff := time.Now().Add(-inMemoryCleanupInterval)`
			`s.mu.Range(func(k, v any) bool {`
			`if v.(*limiterEntry).lastSeen.Before(cutoff) {`
			`s.mu.Delete(k)`
			`}`
			`return true`
			`})`
			`}`
			`}`