coderd: tighten /login rate limiting (#4432)

* coderd: tighten /login rate limit * coderd: add Bypass rate limit header
2025-07-21 01:28:49 +00:00 · 2022-10-20 12:01:23 -05:00
parent 43f199a987
commit 423ac04156
6 changed files with 211 additions and 20 deletions
--- a/coderd/httpmw/apikey_test.go
+++ b/coderd/httpmw/apikey_test.go
@ -631,8 +631,8 @@ func TestAPIKey(t *testing.T) {
 	})
 }

-func createUser(ctx context.Context, t *testing.T, db database.Store) database.User {
-	user, err := db.InsertUser(ctx, database.InsertUserParams{
+func createUser(ctx context.Context, t *testing.T, db database.Store, opts ...func(u *database.InsertUserParams)) database.User {
+	insert := database.InsertUserParams{
 		ID:             uuid.New(),
 		Email:          "email@coder.com",
 		Username:       "username",
@ -640,7 +640,11 @@ func createUser(ctx context.Context, t *testing.T, db database.Store) database.U
 		CreatedAt:      time.Now(),
 		UpdatedAt:      time.Now(),
 		RBACRoles:      []string{},
-	})
+	}
+	for _, opt := range opts {
+		opt(&insert)
+	}
+	user, err := db.InsertUser(ctx, insert)
 	require.NoError(t, err, "create user")
 	return user
 }