From b214de75abbced588d6325d1a4b5cc18778023a3 Mon Sep 17 00:00:00 2001
From: Luke Vella <me@lukevella.com>
Date: Sun, 2 Mar 2025 16:11:07 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=EF=B8=8F=20Log=20identifiers=20whe?=
 =?UTF-8?q?n=20rate=20limits=20are=20hit=20(#1599)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/web/src/app/api/trpc/[trpc]/route.ts | 18 ++++++++++++++----
 apps/web/src/trpc/trpc.ts                 |  6 ------
 2 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/apps/web/src/app/api/trpc/[trpc]/route.ts b/apps/web/src/app/api/trpc/[trpc]/route.ts
index 5c69ef06a..91d06db74 100644
--- a/apps/web/src/app/api/trpc/[trpc]/route.ts
+++ b/apps/web/src/app/api/trpc/[trpc]/route.ts
@@ -9,13 +9,16 @@ import type { TRPCContext } from "@/trpc/context";
 import { appRouter } from "@/trpc/routers";
 import { getEmailClient } from "@/utils/emails";
 
-const handler = (req: NextRequest) => {
+const handler = async (req: NextRequest) => {
+  const session = await auth();
+  const ip = ipAddress(req);
+  const ja4Digest = req.headers.get("x-vercel-ja4-digest");
+
   return fetchRequestHandler({
     endpoint: "/api/trpc",
     req,
     router: appRouter,
     createContext: async () => {
-      const session = await auth();
       const locale = await getLocaleFromHeader(req);
       const user = session?.user
         ? {
@@ -31,8 +34,7 @@ const handler = (req: NextRequest) => {
       const ip =
         process.env.NODE_ENV === "development" ? "127.0.0.1" : ipAddress(req);
 
-      const identifier =
-        session?.user?.id ?? req.headers.get("x-vercel-ja4-digest") ?? ip;
+      const identifier = session?.user?.id ?? ja4Digest ?? ip;
 
       return {
         user,
@@ -44,6 +46,14 @@ const handler = (req: NextRequest) => {
       if (error.code === "INTERNAL_SERVER_ERROR") {
         Sentry.captureException(error);
       }
+      if (error.code === "TOO_MANY_REQUESTS") {
+        console.warn("Too many requests", {
+          path: req.nextUrl.pathname,
+          userId: session?.user?.id,
+          ip,
+          ja4Digest,
+        });
+      }
     },
   });
 };
diff --git a/apps/web/src/trpc/trpc.ts b/apps/web/src/trpc/trpc.ts
index 7c50efef7..5f01c5228 100644
--- a/apps/web/src/trpc/trpc.ts
+++ b/apps/web/src/trpc/trpc.ts
@@ -114,12 +114,6 @@ export const createRateLimitMiddleware = (
     const res = await ratelimit.limit(`${name}:${ctx.identifier}`);
 
     if (!res.success) {
-      console.warn("Rate limit exceeded", {
-        identifier: ctx.identifier,
-        endpoint: name,
-        limit: requests,
-        duration,
-      });
       throw new TRPCError({
         code: "TOO_MANY_REQUESTS",
         message: "Too many requests",