Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rate limiter can fail if request.auth is undefined #8398

Closed
4 tasks done
dblythy opened this issue Jan 24, 2023 · 4 comments · Fixed by #8399
Closed
4 tasks done

Rate limiter can fail if request.auth is undefined #8398

dblythy opened this issue Jan 24, 2023 · 4 comments · Fixed by #8399
Labels
state:released Released as stable version state:released-alpha Released as alpha version state:released-beta Released as beta version type:bug Impaired feature or lacking behavior that is likely assumed

Comments

@dblythy
Copy link
Member

dblythy commented Jan 24, 2023

New Issue Checklist

Issue Description

When using a rate limiter, the rate limiter can fail when request.auth is undefined. This can lead the rate limiter to reject all requests.

Steps to reproduce

Create a rate limiter and attempt to connect with auth

Actual Outcome

Rate limiter rejects all requests

Expected Outcome

Rate limiter passes

Environment

Server

  • Parse Server version: alpha
  • Operating system: FILL_THIS_OUT
  • Local or remote host (AWS, Azure, Google Cloud, Heroku, Digital Ocean, etc): FILL_THIS_OUT

Database

  • System (MongoDB or Postgres): FILL_THIS_OUT
  • Database version: FILL_THIS_OUT
  • Local or remote host (MongoDB Atlas, mLab, AWS, Azure, Google Cloud, etc): FILL_THIS_OUT

Client

  • SDK (iOS, Android, JavaScript, PHP, Unity, etc): FILL_THIS_OUT
  • SDK version: FILL_THIS_OUT

Logs
@parse-github-assistant
Copy link

Thanks for opening this issue!

  • ❌ Please fill out all fields with a placeholder FILL_THIS_OUT, otherwise your issue will be closed. If a field does not apply to the issue, fill in n/a.

@dblythy dblythy mentioned this issue Jan 24, 2023
Merged
3 tasks
@mtrezza mtrezza added the type:bug Impaired feature or lacking behavior that is likely assumed label Jan 24, 2023
@parseplatformorg
Copy link
Contributor

🎉 This change has been released in version 6.0.0-alpha.28

@parseplatformorg parseplatformorg added the state:released-alpha Released as alpha version label Jan 25, 2023
@parseplatformorg
Copy link
Contributor

🎉 This change has been released in version 6.0.0-beta.1

@parseplatformorg parseplatformorg added the state:released-beta Released as beta version label Jan 31, 2023
@parseplatformorg
Copy link
Contributor

🎉 This change has been released in version 6.0.0

@parseplatformorg parseplatformorg added the state:released Released as stable version label Jan 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
state:released Released as stable version state:released-alpha Released as alpha version state:released-beta Released as beta version type:bug Impaired feature or lacking behavior that is likely assumed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Rate limiter may reject requests that contain a session token dblythy/parse-server
3 participants
@dblythy @mtrezza @parseplatformorg