fix(rate-limit): bypass middleware when ALLOW_DEV_TEST_ENDPOINTS=true
Parallel Playwright runs (6 workers, all from 127.0.0.1) burned through the 100 req/min generalLimiter budget within the first ~30s, causing every API call (including /api/dev/test-login and /api/dev/member-login) to return 429 for the rest of the window. Auth helper waitForURL then timed out at 45s with no redirect ever firing — surfacing as 8 cascading test failures across auth.spec.js, board.spec.js, and admin-members.spec.js. The bypass mirrors the existing gate used by /api/dev/* endpoints: the env var is opt-in and only set in development (.env) or by Playwright's webServer config. Production never sets it, so rate limiting remains active.
This commit is contained in:
parent
0c489cf2c3
commit
3f42307c64
1 changed files with 5 additions and 0 deletions
|
|
@ -43,6 +43,11 @@ export default defineEventHandler(async (event) => {
|
|||
const path = getRequestURL(event).pathname
|
||||
if (!path.startsWith('/api/')) return
|
||||
|
||||
// Bypass rate limiting in test/dev opt-in mode so parallel E2E runs from a
|
||||
// single IP (127.0.0.1) do not exhaust the per-IP budget. Mirrors the gate
|
||||
// used by /api/dev/* endpoints — only set in development and by Playwright.
|
||||
if (process.env.ALLOW_DEV_TEST_ENDPOINTS === 'true') return
|
||||
|
||||
const ip = getClientIp(event)
|
||||
|
||||
try {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue