Redirect to the too many requests error page

3 years ago · 6351de159c
3 changed files with 9 additions and 1 deletions
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@ -11,3 +11,10 @@ Rack::Attack.throttle("password reset requests", limit: 5, period: 60.seconds) d
    request.params["user"]["email"].to_s.downcase.gsub(/\s+/, "")
  end
 end
+
+Rack::Attack.throttled_responder = lambda do |_env|
+  headers = {
+    "Location" => "/429",
+  }
+  [301, headers, []]
+end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -71,7 +71,7 @@ Rails.application.routes.draw do

  scope via: :all do
    match "/404", to: "errors#not_found"
-    match "/429", to: "errors#too_many_requests"
+    match "/429", to: "errors#too_many_requests", status: 429
    match "/422", to: "errors#unprocessable_entity"
    match "/500", to: "errors#internal_server_error"
  end
--- a/spec/requests/rack_attack_spec.rb
+++ b/spec/requests/rack_attack_spec.rb
@ -54,6 +54,7 @@ describe "Rack::Attack" do
      it "throttles" do
        over_limit.times do
          post "/users/password", params: params
+          follow_redirect!
        end
        last_response = response
        expect(last_response.status).to eq(429)