Add Redis distributed rate limiting (prod only).

Signed-off-by: vimal-tech-dev <be08it929@gmail.com>

Author: vimal-tech-dev

pom.xml

@@ -91,6 +91,22 @@
 			<groupId>org.flywaydb</groupId>
 			<artifactId>flyway-database-postgresql</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>com.bucket4j</groupId>
+			<artifactId>bucket4j-core</artifactId>
+			<version>8.6.0</version>
+		</dependency>
+
+		<dependency>
+			<groupId>com.bucket4j</groupId>
+			<artifactId>bucket4j-redis</artifactId>
+			<version>8.6.0</version>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-redis</artifactId>
+		</dependency>
 	</dependencies>
 
 	<build>

src/main/java/com/vimaltech/contactapi/security/RedisRateLimitFilter.java

@@ -0,0 +1,85 @@
+package com.vimaltech.contactapi.security;
+
+import io.github.bucket4j.Bandwidth;
+import io.github.bucket4j.Bucket;
+import io.github.bucket4j.BucketConfiguration;
+import io.github.bucket4j.distributed.proxy.ProxyManager;
+import io.github.bucket4j.redis.lettuce.cas.LettuceBasedProxyManager;
+
+import io.lettuce.core.RedisClient;
+import io.lettuce.core.RedisURI;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+import java.time.Duration;
+import java.util.Optional;
+
+@Component
+@Profile("prod")
+public class RedisRateLimitFilter extends OncePerRequestFilter {
+
+    private final ProxyManager<byte[]> proxyManager;
+
+    public RedisRateLimitFilter(
+            @Value("${spring.data.redis.host}") String host,
+            @Value("${spring.data.redis.port}") int port
+    ) {
+
+        RedisURI redisURI = RedisURI.Builder.redis(host)
+                .withPort(port)
+                .build();
+
+        RedisClient redisClient = RedisClient.create(redisURI);
+
+        this.proxyManager = LettuceBasedProxyManager
+                .builderFor(redisClient)
+                .build();
+    }
+
+    private BucketConfiguration configuration() {
+        return BucketConfiguration.builder()
+                .addLimit(Bandwidth.simple(10, Duration.ofMinutes(1)))
+                .build();
+    }
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request,
+                                    HttpServletResponse response,
+                                    FilterChain filterChain)
+            throws ServletException, IOException {
+
+        if (!request.getRequestURI().equals("/api/v1/contact")) {
+            filterChain.doFilter(request, response);
+            return;
+        }
+
+        String ip = Optional.ofNullable(request.getHeader("X-Forwarded-For"))
+                .map(s -> s.split(",")[0].trim())
+                .orElse(request.getRemoteAddr());
+
+        Bucket bucket = proxyManager.builder()
+                .build(("ip:" + ip).getBytes(), this::configuration);
+
+        if (bucket.tryConsume(1)) {
+            filterChain.doFilter(request, response);
+        } else {
+            response.setStatus(429);
+            response.setContentType("application/json");
+            response.getWriter().write("""
+                {
+                  "success": false,
+                  "message": "Too many requests. Please try again later."
+                }
+                """);
+        }
+    }
+}

src/main/resources/ApiResponse.java

@@ -5,6 +5,12 @@ spring:
     password: ${DB_PASSWORD:?DB_PASSWORD is required}
     driver-class-name: org.postgresql.Driver
 
+  data:
+    redis:
+      host: redis
+      port: 6379
+      timeout: 2000
+
   jpa:
     hibernate:
       ddl-auto: validate