From c2474f941e4886b1a1dd13b2549da542cb4f8b83 Mon Sep 17 00:00:00 2001 From: Harkamal Randhawa Date: Sun, 19 Apr 2026 19:05:07 -0600 Subject: [PATCH] configurable rate limiter --- .../java/com/petshop/backend/security/RateLimitFilter.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/com/petshop/backend/security/RateLimitFilter.java b/backend/src/main/java/com/petshop/backend/security/RateLimitFilter.java index 567d4219..31f2434f 100644 --- a/backend/src/main/java/com/petshop/backend/security/RateLimitFilter.java +++ b/backend/src/main/java/com/petshop/backend/security/RateLimitFilter.java @@ -10,6 +10,8 @@ import org.springframework.lang.NonNull; import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; +import org.springframework.beans.factory.annotation.Value; + import java.io.IOException; import java.time.Duration; import java.util.Map; @@ -24,6 +26,9 @@ public class RateLimitFilter extends OncePerRequestFilter { "/api/v1/auth/reset-password", new int[]{10, 15} ); + @Value("${app.rate-limit-enabled:true}") + private boolean enabled; + private final RateLimiterService rateLimiterService; private final ApiErrorResponder apiErrorResponder; @@ -37,7 +42,7 @@ public class RateLimitFilter extends OncePerRequestFilter { @NonNull HttpServletResponse response, @NonNull FilterChain filterChain) throws ServletException, IOException { String path = request.getRequestURI(); - int[] rule = RULES.get(path); + int[] rule = enabled ? RULES.get(path) : null; if (rule != null) { String ip = extractIp(request);