fix: token based limiter is added.

[sriramkanakam87]

The token is set in the .env file. Any request with this token in the header would be exempt from rate limiting.

[Copilot]

Pull Request Overview

Centralize rate limiting logic by extracting it into a shared module and enable token-based rate limit exemptions via an environment variable.

• Load .env in both Docker Compose files to provide the internal auth token.
• Remove local limiter setups in routers and import the shared limiter instance.
• Create app/limiter.py with a custom key function that exempts requests carrying a valid internal token.

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
docker-compose.yml	Added env_file to load .env for container environment variables.
docker-compose.lite.yml	Same update to include .env in the lightweight compose file.
app/routers/depict.py	Removed local FastAPI and limiter instantiation; now imports shared limiter.
app/routers/converters.py	Removed local rate limiter imports/initialization; now uses shared limiter.
app/main.py	Imports shared limiter, adds middleware and exception handler to the main app.
app/limiter.py	New module defining limiter, a custom key function for token-based exemptions.

Comments suppressed due to low confidence (4)

app/main.py:5

• [nitpick] The alias RateLimitExceededExc is non-standard. Consider renaming to RateLimitExceededError or matching the original class name for clarity.

from app.limiter import limiter, rate_limit_exceeded_handler, RateLimitExceededExc

app/limiter.py:3

• [nitpick] The module lacks a top-level docstring explaining its purpose. Adding a brief description will help future maintainers understand its role.

import os

app/limiter.py:11

• [nitpick] This function would benefit from a docstring describing the token exemption logic and return values to make its behavior explicit.

def custom_rate_limit_key_func(request: StarletteRequest):

app/limiter.py:11

• There are no tests verifying that requests with a valid x-internal-auth token are exempt from rate limiting. Consider adding unit or integration tests for this behavior.

def custom_rate_limit_key_func(request: StarletteRequest):

[Copilot]

[nitpick] This comment is describing a past change rather than current behavior. Consider removing or moving it to the PR description or commit message to keep the code clean.

Suggested change

## Removed local FastAPI app instance and limiter/exception handler setup in favour of shared one.

[codecov]

Codecov Report

Attention: Patch coverage is 73.52941% with 9 lines in your changes missing coverage. Please review.

Project coverage is 90.53%. Comparing base (5bc43c9) to head (8e331a4).

Files with missing lines	Patch %	Lines
app/routers/converters.py	11.11%	8 Missing ⚠️
app/limiter.py	92.85%	1 Missing ⚠️

Additional details and impacted files

@@               Coverage Diff               @@
##           development     #613      +/-   ##
===============================================
- Coverage        90.57%   90.53%   -0.05%     
===============================================
  Files               50       51       +1     
  Lines             3405     3401       -4     
===============================================
- Hits              3084     3079       -5     
- Misses             321      322       +1     

Flag	Coverage Δ
service	90.53% <73.52%> (-0.05%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[vcnainala]

• Resolve conflicts
• Add missing tests