feat: move rate limiting after passport to leverage ctx.isAuthenticated and ctx.state.user in rate limiting id lookup

Author: titanism

index.js

@@ -107,16 +107,6 @@ class API {
     // Basic auth
     if (this.config.auth) app.use(auth(this.config.auth));
 
-    // Rate limiting
-    if (this.client && this.config.rateLimit)
-      app.use(
-        ratelimit({
-          ...this.config.rateLimit,
-          db: this.client,
-          logger: this.logger
-        })
-      );
-
     // Remove trailing slashes
     app.use(removeTrailingSlashes());
 
@@ -148,6 +138,16 @@ class API {
     // Passport
     if (this.passport) app.use(this.passport.initialize());
 
+    // Rate limiting
+    if (this.client && this.config.rateLimit)
+      app.use(
+        ratelimit({
+          ...this.config.rateLimit,
+          db: this.client,
+          logger: this.logger
+        })
+      );
+
     // Store the user's last ip address in the background
     if (this.config.storeIPAddress) {
       const storeIPAddress = new StoreIPAddress({

package.json

@@ -11,7 +11,7 @@
     "Nick Baugh <[email protected]> (http://niftylettuce.com/)"
   ],
   "dependencies": {
-    "@koa/router": "^11.0.0",
+    "@koa/router": "^11.0.1",
     "@ladjs/i18n": "^8.0.1",
     "@ladjs/koa-simple-ratelimit": "^4.0.1",
     "@ladjs/passport": "^5.0.3",
@@ -50,7 +50,7 @@
     "ioredis": "^5.1.0",
     "ioredis-mock": "^8.2.2",
     "lint-staged": "13.0.3",
-    "mongoose": "^6.4.2",
+    "mongoose": "^6.4.3",
     "nyc": "^15.1.0",
     "remark-cli": "^11.0.0",
     "remark-preset-github": "^4.0.4",