pacnpal/thrilltrack-explorer
1
0
Fork 0
mirror of https://github.com/pacnpal/thrilltrack-explorer.git synced 2025-12-20 10:11:13 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
28fa2fd0d44319403fb1745ff09f3530014f3bb9
thrilltrack-explorer/supabase/functions/monitor-rate-limits/index.ts
gpt-engineer-app[bot] 28fa2fd0d4 Monitor rate limits progress 
Implement monitor-rate-limits edge function to compare metrics against alert configurations, trigger notifications, and record alerts; update config and groundwork for admin UI integration.
2025-11-11 00:19:13 +00:00

283 lines
8.5 KiB
TypeScript
Raw Blame History

/**
* Rate Limit Monitor
*
* Periodically checks rate limit metrics against configured thresholds
* and triggers alerts when limits are exceeded.
*
* Designed to run as a cron job every 5 minutes.
*/
import { createClient } from 'jsr:@supabase/supabase-js@2';
import { getMetricsStats } from '../_shared/rateLimitMetrics.ts';
const corsHeaders = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type',
};
interface AlertConfig {
id: string;
metric_type: 'block_rate' | 'total_requests' | 'unique_ips' | 'function_specific';
threshold_value: number;
time_window_ms: number;
function_name?: string;
enabled: boolean;
}
interface AlertCheck {
configId: string;
metricType: string;
metricValue: number;
thresholdValue: number;
timeWindowMs: number;
functionName?: string;
exceeded: boolean;
message: string;
}
async function checkAlertConditions(configs: AlertConfig[]): Promise<AlertCheck[]> {
const checks: AlertCheck[] = [];
for (const config of configs) {
if (!config.enabled) continue;
const stats = getMetricsStats(config.time_window_ms);
let metricValue = 0;
let exceeded = false;
let message = '';
switch (config.metric_type) {
case 'block_rate':
metricValue = stats.blockRate;
exceeded = metricValue > config.threshold_value;
message = `Rate limit block rate (${(metricValue * 100).toFixed(1)}%) exceeded threshold (${(config.threshold_value * 100).toFixed(1)}%) in last ${config.time_window_ms / 1000}s. ${stats.blockedRequests} of ${stats.totalRequests} requests blocked.`;
break;
case 'total_requests':
metricValue = stats.totalRequests;
exceeded = metricValue > config.threshold_value;
message = `Total requests (${metricValue}) exceeded threshold (${config.threshold_value}) in last ${config.time_window_ms / 1000}s.`;
break;
case 'unique_ips':
metricValue = stats.uniqueIPs;
exceeded = metricValue > config.threshold_value;
message = `Unique IPs (${metricValue}) exceeded threshold (${config.threshold_value}) in last ${config.time_window_ms / 1000}s. Possible DDoS attack.`;
break;
case 'function_specific':
// For function-specific alerts, we'd need to track metrics per function
// This would require enhancing the metrics system
console.log('Function-specific alerts not yet implemented');
continue;
}
checks.push({
configId: config.id,
metricType: config.metric_type,
metricValue,
thresholdValue: config.threshold_value,
timeWindowMs: config.time_window_ms,
functionName: config.function_name,
exceeded,
message,
});
}
return checks;
}
async function recordAlert(
supabase: any,
check: AlertCheck
): Promise<{ success: boolean; error?: string }> {
try {
const { error } = await supabase
.from('rate_limit_alerts')
.insert({
config_id: check.configId,
metric_type: check.metricType,
metric_value: check.metricValue,
threshold_value: check.thresholdValue,
time_window_ms: check.timeWindowMs,
function_name: check.functionName,
alert_message: check.message,
});
if (error) {
console.error('Failed to record alert:', error);
return { success: false, error: error.message };
}
return { success: true };
} catch (error) {
console.error('Exception recording alert:', error);
return {
success: false,
error: error instanceof Error ? error.message : 'Unknown error'
};
}
}
async function sendNotification(
supabase: any,
check: AlertCheck
): Promise<{ success: boolean; error?: string }> {
try {
// Send notification to moderators via the moderator topic
const { data, error } = await supabase.functions.invoke('trigger-notification', {
body: {
workflowId: 'rate-limit-alert',
topicKey: 'moderators',
payload: {
message: check.message,
metricType: check.metricType,
metricValue: check.metricValue,
thresholdValue: check.thresholdValue,
functionName: check.functionName || 'all',
},
overrides: {
email: {
subject: '🚨 Rate Limit Alert',
},
},
},
});
if (error) {
console.error('Failed to send notification:', error);
return { success: false, error: error.message };
}
return { success: true };
} catch (error) {
console.error('Exception sending notification:', error);
return {
success: false,
error: error instanceof Error ? error.message : 'Unknown error'
};
}
}
async function handler(req: Request): Promise<Response> {
// Handle CORS preflight
if (req.method === 'OPTIONS') {
return new Response(null, { headers: corsHeaders });
}
const startTime = Date.now();
console.log('Rate limit monitor starting...');
try {
const supabaseUrl = Deno.env.get('SUPABASE_URL')!;
const supabaseServiceKey = Deno.env.get('SUPABASE_SERVICE_ROLE_KEY')!;
const supabase = createClient(supabaseUrl, supabaseServiceKey);
// Fetch enabled alert configurations
const { data: configs, error: configError } = await supabase
.from('rate_limit_alert_config')
.select('*')
.eq('enabled', true);
if (configError) {
console.error('Failed to fetch alert configs:', configError);
return new Response(
JSON.stringify({
success: false,
error: 'Failed to fetch alert configurations',
details: configError.message
}),
{ status: 500, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
);
}
if (!configs || configs.length === 0) {
console.log('No enabled alert configurations found');
return new Response(
JSON.stringify({
success: true,
message: 'No enabled alert configurations',
checked: 0
}),
{ status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
);
}
console.log(`Checking ${configs.length} alert configurations...`);
// Check all alert conditions
const checks = await checkAlertConditions(configs);
const exceededChecks = checks.filter(c => c.exceeded);
console.log(`Found ${exceededChecks.length} threshold violations`);
// Process exceeded thresholds
const alertResults = [];
for (const check of exceededChecks) {
console.log(`Processing alert: ${check.message}`);
// Check if we've already sent a recent alert for this config
const { data: recentAlerts } = await supabase
.from('rate_limit_alerts')
.select('created_at')
.eq('config_id', check.configId)
.is('resolved_at', null)
.gte('created_at', new Date(Date.now() - 15 * 60 * 1000).toISOString()) // Last 15 minutes
.order('created_at', { ascending: false })
.limit(1);
if (recentAlerts && recentAlerts.length > 0) {
console.log(`Skipping alert - recent unresolved alert exists for config ${check.configId}`);
alertResults.push({
configId: check.configId,
skipped: true,
reason: 'Recent alert exists',
});
continue;
}
// Record the alert
const recordResult = await recordAlert(supabase, check);
// Send notification
const notifyResult = await sendNotification(supabase, check);
alertResults.push({
configId: check.configId,
metricType: check.metricType,
recorded: recordResult.success,
notified: notifyResult.success,
recordError: recordResult.error,
notifyError: notifyResult.error,
});
}
const duration = Date.now() - startTime;
console.log(`Monitor completed in ${duration}ms`);
return new Response(
JSON.stringify({
success: true,
checked: configs.length,
exceeded: exceededChecks.length,
alerts: alertResults,
duration_ms: duration,
}),
{ status: 200, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
);
} catch (error) {
console.error('Error in rate limit monitor:', error);
return new Response(
JSON.stringify({
success: false,
error: 'Internal server error',
message: error instanceof Error ? error.message : 'Unknown error',
}),
{ status: 500, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
);
}
}
Deno.serve(handler);
Reference in New Issue View Git Blame Copy Permalink