(queries: {
sentinelActivities: MessageRateGuardQueries;
logtoConfigs: Pick<LogtoConfigQueries, 'getMessageRateLimitOverride'>;
})
| 102 | * tenant config cache, so the common (no-override) path adds no per-send database hit. |
| 103 | */ |
| 104 | export const buildMessageRateGuard = async (queries: { |
| 105 | sentinelActivities: MessageRateGuardQueries; |
| 106 | logtoConfigs: Pick<LogtoConfigQueries, 'getMessageRateLimitOverride'>; |
| 107 | }): Promise<MessageRateGuard> => { |
| 108 | // Fail open: a failed override read must not block a legitimate send, mirroring the guard's own |
| 109 | // best-effort count query. `trySafe` returns `undefined` on error, so we fall back to the default. |
| 110 | const override = await trySafe(queries.logtoConfigs.getMessageRateLimitOverride()); |
| 111 | const policy: MessageRateLimitPolicy = override |
| 112 | ? { ...defaultMessageRateLimitPolicy, ...override } |
| 113 | : defaultMessageRateLimitPolicy; |
| 114 | |
| 115 | return new MessageRateGuard(queries.sentinelActivities, policy); |
| 116 | }; |
| 117 | |
| 118 | /** |
| 119 | * Wraps a message send with the {@link MessageRateGuard}: rejects with a 429 before sending if the |
no outgoing calls
no test coverage detected