feat: auto-retry uploads when rate limited (v0.13.0)

Backend: rate limiter gains check_with_retry() returning seconds until the next slot opens. Upload 429 responses include retry_after_secs in JSON and a Retry-After header. Frontend: upload queue catches 429 as RateLimitError, resets affected item to pending, schedules processQueue() for the server-reported delay, and shows a live countdown banner in the queue UI. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-03 18:37:51 +02:00
parent 3dc69e6c6d
commit de0e395a9e
8 changed files with 113 additions and 24 deletions
--- a/backend/src/auth/handlers.rs
+++ b/backend/src/auth/handlers.rs
@@ -39,6 +39,7 @@ pub async fn join(
    if !state.rate_limiter.check(format!("join:{ip}"), 5, Duration::from_secs(60)) {
        return Err(AppError::TooManyRequests(
            "Zu viele Anfragen. Bitte warte kurz und versuche es erneut.".into(),
+            None,
        ));
    }

@@ -124,6 +125,7 @@ pub async fn recover(
            if Utc::now() < locked_until {
                return Err(AppError::TooManyRequests(
                    "Zu viele Versuche. Bitte warte 15 Minuten.".into(),
+                    None,
                ));
            }
        }
--- a/backend/src/error.rs
+++ b/backend/src/error.rs
@@ -1,6 +1,5 @@
 use axum::http::StatusCode;
 use axum::response::{IntoResponse, Response};
-use serde_json::json;

 #[derive(Debug)]
 pub enum AppError {
@@ -8,7 +7,9 @@ pub enum AppError {
    Unauthorized(String),
    Forbidden(String),
    NotFound(String),
-    TooManyRequests(String),
+    Conflict(String),
+    /// Second field: optional retry-after seconds to include in the response.
+    TooManyRequests(String, Option<u64>),
    Internal(anyhow::Error),
 }

@@ -19,7 +20,8 @@ impl AppError {
            Self::Unauthorized(_) => (StatusCode::UNAUTHORIZED, "unauthorized"),
            Self::Forbidden(_) => (StatusCode::FORBIDDEN, "forbidden"),
            Self::NotFound(_) => (StatusCode::NOT_FOUND, "not_found"),
-            Self::TooManyRequests(_) => (StatusCode::TOO_MANY_REQUESTS, "too_many_requests"),
+            Self::Conflict(_) => (StatusCode::CONFLICT, "conflict"),
+            Self::TooManyRequests(..) => (StatusCode::TOO_MANY_REQUESTS, "too_many_requests"),
            Self::Internal(_) => (StatusCode::INTERNAL_SERVER_ERROR, "internal_error"),
        }
    }
@@ -30,7 +32,8 @@ impl AppError {
            | Self::Unauthorized(msg)
            | Self::Forbidden(msg)
            | Self::NotFound(msg)
-            | Self::TooManyRequests(msg) => msg.clone(),
+            | Self::Conflict(msg) => msg.clone(),
+            Self::TooManyRequests(msg, _) => msg.clone(),
            Self::Internal(err) => {
                tracing::error!("internal error: {err:#}");
                "Ein interner Fehler ist aufgetreten.".to_string()
@@ -42,13 +45,29 @@ impl AppError {
 impl IntoResponse for AppError {
    fn into_response(self) -> Response {
        let (status, code) = self.status_and_code();
+        let retry_after_secs = if let Self::TooManyRequests(_, Some(secs)) = &self {
+            Some(*secs)
+        } else {
+            None
+        };
        let message = self.message();
-        let body = json!({
+
+        let mut body = serde_json::json!({
            "error": code,
            "message": message,
            "status": status.as_u16(),
        });
-        (status, axum::Json(body)).into_response()
+        if let Some(secs) = retry_after_secs {
+            body["retry_after_secs"] = secs.into();
+        }
+
+        let mut resp = (status, axum::Json(body)).into_response();
+        if let Some(secs) = retry_after_secs {
+            if let Ok(val) = axum::http::HeaderValue::from_str(&secs.to_string()) {
+                resp.headers_mut().insert(axum::http::header::RETRY_AFTER, val);
+            }
+        }
+        resp
    }
 }

--- a/backend/src/handlers/admin.rs
+++ b/backend/src/handlers/admin.rs
@@ -180,9 +180,7 @@ pub async fn download_zip(
    let ip = client_ip(&headers, "unknown");
    let limit = get_config_usize(&state.pool, "export_rate_per_day", 3).await;
    if !state.rate_limiter.check(format!("export:{ip}"), limit, Duration::from_secs(86400)) {
-        return Err(AppError::TooManyRequests(
-            "Zu viele Anfragen. Bitte warte kurz und versuche es erneut.".into(),
-        ));
+        return Err(AppError::TooManyRequests("Zu viele Anfragen. Bitte warte kurz und versuche es erneut.".into(), None));
    }

    let event = crate::models::event::Event::find_by_slug(&state.pool, &state.config.event_slug)
@@ -211,9 +209,7 @@ pub async fn download_html(
    let ip = client_ip(&headers, "unknown");
    let limit = get_config_usize(&state.pool, "export_rate_per_day", 3).await;
    if !state.rate_limiter.check(format!("export:{ip}"), limit, Duration::from_secs(86400)) {
-        return Err(AppError::TooManyRequests(
-            "Zu viele Anfragen. Bitte warte kurz und versuche es erneut.".into(),
-        ));
+        return Err(AppError::TooManyRequests("Zu viele Anfragen. Bitte warte kurz und versuche es erneut.".into(), None));
    }

    let event = crate::models::event::Event::find_by_slug(&state.pool, &state.config.event_slug)
--- a/backend/src/handlers/feed.rs
+++ b/backend/src/handlers/feed.rs
@@ -63,9 +63,7 @@ pub async fn feed(
    let ip = client_ip(&headers, "unknown");
    let rate_limit = get_config_usize(&state.pool, "feed_rate_per_min", 60).await;
    if !state.rate_limiter.check(format!("feed:{ip}"), rate_limit, Duration::from_secs(60)) {
-        return Err(AppError::TooManyRequests(
-            "Zu viele Anfragen. Bitte warte kurz und versuche es erneut.".into(),
-        ));
+        return Err(AppError::TooManyRequests("Zu viele Anfragen. Bitte warte kurz und versuche es erneut.".into(), None));
    }

    let limit = q.limit.unwrap_or(20).min(100);
--- a/backend/src/handlers/upload.rs
+++ b/backend/src/handlers/upload.rs
@@ -20,13 +20,14 @@ pub async fn upload(
 ) -> Result<(StatusCode, Json<UploadDto>), AppError> {
    // Rate limit: N uploads per hour per user
    let upload_rate = get_config_i64(&state.pool, "upload_rate_per_hour", 10).await as usize;
-    if !state
+    if let Err(retry_after_secs) = state
        .rate_limiter
-        .check(format!("upload:{}", auth.user_id), upload_rate, Duration::from_secs(3600))
+        .check_with_retry(format!("upload:{}", auth.user_id), upload_rate, Duration::from_secs(3600))
    {
        drain_multipart(multipart).await;
        return Err(AppError::TooManyRequests(
            "Du hast dein Upload-Limit für diese Stunde erreicht.".into(),
+            Some(retry_after_secs),
        ));
    }

--- a/backend/src/services/rate_limiter.rs
+++ b/backend/src/services/rate_limiter.rs
@@ -19,17 +19,26 @@ impl RateLimiter {

    /// Returns `true` if the request is allowed, `false` if rate-limited.
    pub fn check(&self, key: impl Into<String>, max: usize, window: Duration) -> bool {
+        self.check_with_retry(key, max, window).is_ok()
+    }
+
+    /// Returns `Ok(())` if allowed, `Err(retry_after_secs)` if rate-limited.
+    /// `retry_after_secs` is how long until the oldest slot in the window expires.
+    pub fn check_with_retry(&self, key: impl Into<String>, max: usize, window: Duration) -> Result<(), u64> {
        let now = Instant::now();
        let key = key.into();
        let mut map = self.windows.lock().unwrap();
        let timestamps = map.entry(key).or_default();
-        // Drop entries outside the window
        timestamps.retain(|&t| now.duration_since(t) < window);
        if timestamps.len() < max {
            timestamps.push(now);
-            true
+            Ok(())
        } else {
-            false
+            // The oldest timestamp expires at oldest + window; compute remaining seconds
+            let oldest = timestamps[0];
+            let elapsed = now.duration_since(oldest);
+            let remaining = window.saturating_sub(elapsed);
+            Err(remaining.as_secs().max(1))
        }
    }
 }