graph_attack 1.0.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 86f3e5cffd6d44474777d8922c3c4082d21143dd
-  data.tar.gz: 2a0ad09a08d65b22c3b97752b1ce0428cc2040e9
+SHA256:
+  metadata.gz: 71a5e6c0ce41ca59713a49108f5ebcc3a579aefcd1e95273c495a5ae1e4fd6f6
+  data.tar.gz: 5430e07ebf58ac5b9addbe8b397f6fd832fa56091112136f8ce972cd2e1fe0aa
 SHA512:
-  metadata.gz: 830ea8dbf7fad402e69a27bc1e05189af0488fb241580e12a65bb69eca19591552411f4868cd657fd656d989a868686564c5791b0f250bded67e26ae17389d92
-  data.tar.gz: b7566c50d48645f92ad17bb2f5210346042c178bc10cbe91ea9d58514161570e364d898275b3dadee215588201372d2c38e78177318c10554b4760e523c91bfd
+  metadata.gz: cef61dfd8f249877fcdbd6ae1962b6678efd280ef415989d6abe22ebb7e8db68dd164ce47ecce610548ac13352471044741c0bf6918ca050dc2193a5178ab5af
+  data.tar.gz: fdf832b9e228ccbf8aa66777f2f9334a7c32a25a5435e6017e0ac8073c7c636cd21dc06f0416a8abbf9f063ff30f64f209d55d9979e2eeea27fd7dff4f1ffe84

data/.circleci/config.yml

@@ -6,7 +6,7 @@ version: 2
 jobs:
   build:
     docker:
-       - image: circleci/ruby:2.4.1-node-browsers
+       - image: circleci/ruby:2.7.3
        - image: redis
 
     working_directory: ~/repo
@@ -17,19 +17,16 @@ jobs:
       # Download and cache dependencies
       - restore_cache:
           keys:
-          - v1-dependencies-{{ checksum "graph_attack.gemspec" }}
-          # fallback to using the latest cache if no exact match is found
-          - v1-dependencies-
+          - v2-dependencies-{{ checksum "graph_attack.gemspec" }}
+          - v2-dependencies-
 
-      - run:
-          name: install dependencies
-          command: |
-            bundle install --jobs=4 --retry=3 --path vendor/bundle
+      - run: gem install bundler:2.0.2
+      - run: bundle install --jobs=4 --retry=3 --path vendor/bundle
 
       - save_cache:
           paths:
             - ./vendor/bundle
-          key: v1-dependencies-{{ checksum "graph_attack.gemspec" }}
+          key: v2-dependencies-{{ checksum "graph_attack.gemspec" }}
 
       # Run tests!
       - run:

data/.github/dependabot.yml

@@ -0,0 +1,9 @@
+version: 2
+updates:
+- package-ecosystem: bundler
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "04:00"
+  open-pull-requests-limit: 3
+  rebase-strategy: disabled

data/.rubocop.yml

@@ -1,6 +1,11 @@
+require:
+  - rubocop-rspec
+  - rubocop-rake
+
 AllCops:
-  TargetRubyVersion: 2.3
+  TargetRubyVersion: 2.7
   DisplayCopNames: true
+  NewCops: enable
 
 # Do not sort gems in Gemfile, since we are grouping them by functionality.
 Bundler/OrderedGems:
@@ -22,20 +27,19 @@ Style/TrailingCommaInHashLiteral:
 Layout/MultilineMethodCallIndentation:
   EnforcedStyle: indented
 
+Gemspec/RequiredRubyVersion:
+  Enabled: false
+
 # Limit method length (default is 10).
 Metrics/MethodLength:
   Max: 15
 
-# Do not require `# frozen_string_literal: true` at the top of every file.
-FrozenStringLiteralComment:
-  Enabled: false
-
 # Allow ASCII comments (e.g "…").
 Style/AsciiComments:
   Enabled: false
 
 # Do not comment the class we create, since the name should be self explanatory.
-Documentation:
+Style/Documentation:
   Enabled: false
 
 # Do not verify the length of the blocks in specs.
@@ -43,15 +47,119 @@ Metrics/BlockLength:
   Exclude:
     - spec/**/*
 
-# Allow indenting multiline chained operations.
-Layout/MultilineMethodCallIndentation:
-  EnforcedStyle: indented
-
 # Prefer `== 0`, `< 0`, `> 0` to `zero?`, `negative?` or `positive?`,
 # since they don't exist before Ruby 2.3 or Rails 5 and can be ambiguous.
 Style/NumericPredicate:
   EnforcedStyle: comparison
 
-# Allow shorter argument names like `ip`.
-Naming/UncommunicativeMethodParamName:
-  MinNameLength: 2
+# Allow more expectations per example (default 1).
+RSpec/MultipleExpectations:
+  Max: 5
+
+# Allow more group nesting (default 3)
+RSpec/NestedGroups:
+  Max: 5
+
+# Allow longer examples (default 5)
+RSpec/ExampleLength:
+  Max: 8
+
+Layout/EmptyLinesAroundAttributeAccessor:
+  Enabled: true
+
+Layout/SpaceAroundMethodCallOperator:
+  Enabled: true
+
+Lint/DeprecatedOpenSSLConstant:
+  Enabled: true
+
+Lint/MixedRegexpCaptureTypes:
+  Enabled: true
+
+Lint/RaiseException:
+  Enabled: true
+
+Lint/StructNewOverride:
+  Enabled: true
+
+Style/ExponentialNotation:
+  Enabled: true
+
+Style/HashEachMethods:
+  Enabled: true
+
+Style/HashTransformKeys:
+  Enabled: true
+
+Style/HashTransformValues:
+  Enabled: true
+
+Style/RedundantRegexpCharacterClass:
+  Enabled: true
+
+Style/RedundantRegexpEscape:
+  Enabled: true
+
+Style/SlicingWithRange:
+  Enabled: true
+
+Gemspec/DateAssignment: # (new in 1.10)
+  Enabled: true
+Layout/SpaceBeforeBrackets: # (new in 1.7)
+  Enabled: true
+Lint/AmbiguousAssignment: # (new in 1.7)
+  Enabled: true
+Lint/DeprecatedConstants: # (new in 1.8)
+  Enabled: true
+Lint/DuplicateBranch: # (new in 1.3)
+  Enabled: true
+Lint/DuplicateRegexpCharacterClassElement: # (new in 1.1)
+  Enabled: true
+Lint/EmptyBlock: # (new in 1.1)
+  Enabled: true
+Lint/EmptyClass: # (new in 1.3)
+  Enabled: true
+Lint/LambdaWithoutLiteralBlock: # (new in 1.8)
+  Enabled: true
+Lint/NoReturnInBeginEndBlocks: # (new in 1.2)
+  Enabled: true
+Lint/NumberedParameterAssignment: # (new in 1.9)
+  Enabled: true
+Lint/OrAssignmentToConstant: # (new in 1.9)
+  Enabled: true
+Lint/RedundantDirGlobSort: # (new in 1.8)
+  Enabled: true
+Lint/SymbolConversion: # (new in 1.9)
+  Enabled: true
+Lint/ToEnumArguments: # (new in 1.1)
+  Enabled: true
+Lint/TripleQuotes: # (new in 1.9)
+  Enabled: true
+Lint/UnexpectedBlockArity: # (new in 1.5)
+  Enabled: true
+Lint/UnmodifiedReduceAccumulator: # (new in 1.1)
+  Enabled: true
+Style/ArgumentsForwarding: # (new in 1.1)
+  Enabled: true
+Style/CollectionCompact: # (new in 1.2)
+  Enabled: true
+Style/DocumentDynamicEvalDefinition: # (new in 1.1)
+  Enabled: true
+Style/EndlessMethod: # (new in 1.8)
+  Enabled: true
+Style/HashConversion: # (new in 1.10)
+  Enabled: true
+Style/HashExcept: # (new in 1.7)
+  Enabled: true
+Style/IfWithBooleanLiteralBranches: # (new in 1.9)
+  Enabled: true
+Style/NegatedIfElseCondition: # (new in 1.2)
+  Enabled: true
+Style/NilLambda: # (new in 1.3)
+  Enabled: true
+Style/RedundantArgument: # (new in 1.4)
+  Enabled: true
+Style/StringChars: # (new in 1.12)
+  Enabled: true
+Style/SwapValues: # (new in 1.1)
+  Enabled: true

data/.ruby-version

@@ -0,0 +1 @@
+2.7.5

data/.travis.yml

@@ -1,5 +1,7 @@
 sudo: false
 language: ruby
 rvm:
-  - 2.4.1
-before_install: gem install bundler -v 1.16.1
+  - 2.7.5
+  - 3.1.2
+services:
+  - redis-server

data/CHANGELOG.md

@@ -0,0 +1,30 @@
+unreleased
+----------
+
+v2.0.0
+------
+
+Breaking changes:
+- Drop support for GraphQL legacy schema, please use GraphQL::Ruby's class-based
+  syntax exclusively.
+
+Feature:
+- Support Ruby 3.
+
+v1.2.0
+------
+
+Feature:
+- New GraphAttack::RateLimit extension to be used in GraphQL::Ruby's class-based
+  syntax.
+
+v1.1.0
+------
+
+Feature:
+- Add `redis_client` option to provide a custom Redis client.
+
+v1.0.0
+------
+
+First release!

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }

data/README.md

@@ -6,21 +6,19 @@ GraphQL analyser for blocking & throttling.
 
 ## Usage
 
-This gem adds a method to limit access to your GraphQL fields by IP:
+This gem adds a method to limit access to your GraphQL fields by IP address:
 
 ```rb
-QueryType = GraphQL::ObjectType.define do
-  name 'Query'
-
-  field :someExpensiveField do
-    rate_limit threshold: 15, interval: 60
-
-    # …
+class QueryType < GraphQL::Schema::Object
+  field :some_expensive_field, String, null: false do
+    extension GraphAttack::RateLimit, threshold: 15, interval: 60
   end
+
+  # …
 end
 ```
 
-This would allow only 15 calls per minute by the same IP.
+This would allow only 15 calls per minute by the same IP address.
 
 ## Requirements
 
@@ -29,11 +27,11 @@ of [Redis](https://redis.io/).
 
 ## Installation
 
-Add these lines to your application's `Gemfile`:
+Add these lines to your application’s `Gemfile`:
 
 ```ruby
 # GraphQL analyser for blocking & throttling by IP.
-gem 'graph_attack'
+gem "graph_attack"
 ```
 
 And then execute:
@@ -42,18 +40,8 @@ And then execute:
 $ bundle
 ```
 
-Add the query analyser to your schema:
-
-```rb
-ApplicationSchema = GraphQL::Schema.define do
-  query_analyzer GraphAttack::RateLimiter.new
-
-  # …
-end
-```
-
-Finally, make sure you add the current user's IP address as `ip:` to the
-GraphQL context:
+Finally, make sure you add the current user’s IP address as `ip:` to the
+GraphQL context. E.g.:
 
 ```rb
 class GraphqlController < ApplicationController
@@ -70,6 +58,19 @@ class GraphqlController < ApplicationController
 end
 ```
 
+## Configuration
+
+Use a custom Redis client instead of the default:
+
+```rb
+  field :some_expensive_field, String, null: false do
+    extension GraphAttack::RateLimit,
+              threshold: 15,
+              interval: 60,
+              redis_client: Redis.new(url: "…")
+  end
+```
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run
@@ -83,9 +84,9 @@ see the tags on this repository.
 
 ## Releasing
 
-To release a new version, update the version number in `version.rb`, and then
-run `bundle exec rake release`, which will create a git tag for the version,
-push git commits and tags, and push the `.gem` file to
+To release a new version, update the version number in `version.rb`, commit,
+and then run `bin/rake release`, which will create a git tag for the version,
+push git commits and tags, and push the gem to
 [rubygems.org](https://rubygems.org).
 
 ## Contributing
@@ -99,12 +100,12 @@ the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
 
 Everyone interacting in the GraphAttack project’s codebases, issue trackers,
 chat rooms and mailing lists is expected to follow the
-[code of conduct](https://github.com/sunny/graph_attack/blob/master/CODE_OF_CONDUCT.md).
+[code of conduct](https://github.com/sunny/graph_attack/blob/main/CODE_OF_CONDUCT.md).
 
 ## License
 
 This project is licensed under the MIT License - see the
-[LICENSE.md](https://github.com/sunny/graph_attack/blob/master/LICENSE.md)
+[LICENSE.md](https://github.com/sunny/graph_attack/blob/main/LICENSE.md)
 file for details.
 
 ## Authors

data/Rakefile

@@ -1,12 +1,12 @@
+# frozen_string_literal: true
+
 # Bundler
 require 'bundler/gem_tasks'
-require 'rspec/core/rake_task'
 
-# Rspec
+# RSpec
 require 'rspec/core/rake_task'
 RSpec::Core::RakeTask.new(:spec)
 
-task default: :spec
 # Rubocop
 require 'rubocop/rake_task'
 RuboCop::RakeTask.new(:rubocop)

data/bin/console

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
 require 'bundler/setup'
 require 'graph_attack'

data/bin/rake

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
+                                           Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path('bundle', __dir__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rake', 'rake')

data/bin/rubocop

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rubocop' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
+                                           Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path('bundle', __dir__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rubocop', 'rubocop')

data/graph_attack.gemspec

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'graph_attack/version'
@@ -12,6 +14,8 @@ Gem::Specification.new do |spec|
   spec.description = 'GraphQL analyser for blocking & throttling'
   spec.homepage = 'https://github.com/sunny/graph_attack'
 
+  spec.metadata['rubygems_mfa_required'] = 'true'
+
   spec.files = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(test|spec|features)/})
   end
@@ -19,6 +23,8 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
+  spec.required_ruby_version = ['>= 2.5.7', '< 3.2']
+
   # This gem is an analyser for the GraphQL ruby gem.
   spec.add_dependency 'graphql', '>= 1.7.9'
 
@@ -26,10 +32,10 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'ratelimit', '>= 1.0.3'
 
   # Loads local dependencies.
-  spec.add_development_dependency 'bundler', '~> 1.15'
+  spec.add_development_dependency 'bundler', '~> 2.0'
 
   # Development tasks runner.
-  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rake', '~> 13.0'
 
   # Testing framework.
   spec.add_development_dependency 'rspec', '~> 3.0'
@@ -38,5 +44,11 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'rspec_junit_formatter', '~> 0.3'
 
   # Ruby code linter.
-  spec.add_development_dependency 'rubocop', '~> 0.55'
+  spec.add_development_dependency 'rubocop', '~> 1.1'
+
+  # RSpec extension for RuboCop.
+  spec.add_development_dependency 'rubocop-rspec', '~> 2.2'
+
+  # Rake extension for RuboCop
+  spec.add_development_dependency 'rubocop-rake'
 end

data/lib/graph_attack/error.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module GraphAttack
+  class Error < StandardError; end
+end

data/lib/graph_attack/rate_limit.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module GraphAttack
+  class RateLimit < GraphQL::Schema::FieldExtension
+    def resolve(object:, arguments:, **_rest)
+      ip = object.context[:ip]
+      raise GraphAttack::Error, 'Missing :ip value on the GraphQL context' unless ip
+
+      return RateLimited.new('Query rate limit exceeded') if calls_exceeded_on_query?(ip)
+
+      yield(object, arguments)
+    end
+
+    private
+
+    def key
+      "graphql-query-#{field.name}"
+    end
+
+    def calls_exceeded_on_query?(ip)
+      rate_limit = Ratelimit.new(ip, redis: redis_client)
+      rate_limit.add(key)
+      rate_limit.exceeded?(
+        key,
+        threshold: threshold,
+        interval: interval,
+      )
+    end
+
+    def threshold
+      options[:threshold] ||
+        raise(
+          GraphAttack::Error,
+          'Missing "threshold:" option on the GraphAttack::RateLimit extension',
+        )
+    end
+
+    def interval
+      options[:interval] ||
+        raise(
+          GraphAttack::Error,
+          'Missing "interval:" option on the GraphAttack::RateLimit extension',
+        )
+    end
+
+    def redis_client
+      options[:redis_client] || Redis.current
+    end
+  end
+end

data/lib/graph_attack/rate_limited.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module GraphAttack
+  class RateLimited < GraphQL::AnalysisError; end
+end

data/lib/graph_attack/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module GraphAttack
-  VERSION = '1.0.0'.freeze
+  VERSION = '2.0.0'
 end

data/lib/graph_attack.rb

@@ -1,7 +1,12 @@
-require 'graphql'
+# frozen_string_literal: true
+
 require 'ratelimit'
+require 'graphql'
 require 'graphql/tracing'
 
 require 'graph_attack/version'
-require 'graph_attack/rate_limiter'
-require 'graph_attack/metadata'
+
+# Class-based schema
+require 'graph_attack/error'
+require 'graph_attack/rate_limit'
+require 'graph_attack/rate_limited'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: graph_attack
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Fanny Cheung
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-09-07 00:00:00.000000000 Z
+date: 2022-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: graphql
@@ -45,28 +45,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.15'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.15'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -101,14 +101,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.55'
+        version: '1.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.55'
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: GraphQL analyser for blocking & throttling
 email:
 - fanny@ynote.hk
@@ -118,25 +146,32 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".circleci/config.yml"
+- ".github/dependabot.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
+- ".ruby-version"
 - ".travis.yml"
+- CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
 - LICENSE.md
 - README.md
 - Rakefile
 - bin/console
+- bin/rake
+- bin/rubocop
 - bin/setup
 - graph_attack.gemspec
 - lib/graph_attack.rb
-- lib/graph_attack/metadata.rb
-- lib/graph_attack/rate_limiter.rb
+- lib/graph_attack/error.rb
+- lib/graph_attack/rate_limit.rb
+- lib/graph_attack/rate_limited.rb
 - lib/graph_attack/version.rb
 homepage: https://github.com/sunny/graph_attack
 licenses: []
-metadata: {}
+metadata:
+  rubygems_mfa_required: 'true'
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -145,15 +180,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.5.7
+  - - "<"
+    - !ruby/object:Gem::Version
+      version: '3.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: GraphQL analyser for blocking & throttling

data/lib/graph_attack/metadata.rb

@@ -1,4 +0,0 @@
-# Add custom field metadata
-GraphQL::Field.accepts_definitions(
-  rate_limit: GraphQL::Define.assign_metadata_key(:rate_limit),
-)

data/lib/graph_attack/rate_limiter.rb

@@ -1,89 +0,0 @@
-module GraphAttack
-  # Query analyser you can add to your GraphQL schema to limit calls by IP.
-  #
-  #     ApplicationSchema = GraphQL::Schema.define do
-  #       query_analyzer GraphAttack::RateLimiter.new
-  #     end
-  #
-  class RateLimiter
-    class Error < StandardError; end
-    class RateLimited < GraphQL::AnalysisError; end
-
-    def initial_value(query)
-      {
-        ip: query.context[:ip],
-        query_rate_limits: [],
-      }
-    end
-
-    def call(memo, visit_type, irep_node)
-      if rate_limited_node?(visit_type, irep_node)
-        data = rate_limit_data(irep_node)
-
-        memo[:query_rate_limits].push(data)
-
-        increment_rate_limit(memo[:ip], data[:key])
-      end
-
-      memo
-    end
-
-    def final_value(memo)
-      handle_exceeded_calls_on_queries(memo)
-    end
-
-    private
-
-    def increment_rate_limit(ip, key)
-      raise Error, 'Missing :ip value on the GraphQL context' unless ip
-
-      rate_limit(ip).add(key)
-    end
-
-    def rate_limit_data(node)
-      data = node.definition.metadata[:rate_limit]
-
-      data.merge(
-        key: "graphql-query-#{node.name}",
-        query_name: node.name,
-      )
-    end
-
-    def handle_exceeded_calls_on_queries(memo)
-      rate_limited_queries = memo[:query_rate_limits].map do |limit_data|
-        next unless calls_exceeded_on_query?(memo[:ip], limit_data)
-
-        limit_data[:query_name]
-      end.compact
-
-      return unless rate_limited_queries.any?
-
-      queries = rate_limited_queries.join(', ')
-      RateLimited.new("Query rate limit exceeded on #{queries}")
-    end
-
-    def calls_exceeded_on_query?(ip, query_limit_data)
-      rate_limit(ip).exceeded?(
-        query_limit_data[:key],
-        threshold: query_limit_data[:threshold],
-        interval: query_limit_data[:interval],
-      )
-    end
-
-    def rate_limit(ip)
-      @rate_limit ||= {}
-      @rate_limit[ip] ||= Ratelimit.new(ip)
-    end
-
-    def rate_limited_node?(visit_type, node)
-      query_field_node?(node) &&
-        visit_type == :enter &&
-        node.definition.metadata[:rate_limit]
-    end
-
-    def query_field_node?(node)
-      node.owner_type.name == 'Query' &&
-        node.ast_node.is_a?(GraphQL::Language::Nodes::Field)
-    end
-  end
-end