Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat basic rate limiting #501

Merged
merged 29 commits into from
Jan 25, 2023
Merged

Feat basic rate limiting #501

merged 29 commits into from
Jan 25, 2023

Conversation

like-a-bause
Copy link
Collaborator

@like-a-bause like-a-bause commented Jan 23, 2023
edited
Loading

Description

Implements basic fixed window rate limiting.

Fixes #24 Relates to #213

Implementation

Uses https://github.com/sethvargo/go-limiter
Supports both in-memory and redis backend for scalability.
Now only implemented for: password/init and password/login, with separate stores.
Uses a key combination of user-id and ip.
Limits can be defined for each endpoint separateley.

Tests

Added some tests for the config, which should be expanded for Fields that get Validated.
Added basic functionality test for the rate-limiter library.

Todos

Additional context

@like-a-bause like-a-bause marked this pull request as draft January 23, 2023 11:33
@like-a-bause like-a-bause changed the title Draft: Feat basic rate limiting Feat basic rate limiting Jan 23, 2023
@like-a-bause like-a-bause marked this pull request as ready for review January 23, 2023 13:47
FreddyDevelop
FreddyDevelop requested changes Jan 24, 2023
View reviewed changes
Copy link
Contributor

@FreddyDevelop FreddyDevelop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The different limits for passcode and password do not work when redis is enabled.

backend/config/config.go Outdated Show resolved Hide resolved
backend/config/config.go Outdated Show resolved Hide resolved
backend/config/config.go Outdated Show resolved Hide resolved
backend/config/config.go Outdated Show resolved Hide resolved
backend/docs/Config.md Outdated Show resolved Hide resolved
backend/docs/Config.md Outdated Show resolved Hide resolved
backend/docs/Config.md Outdated Show resolved Hide resolved
backend/rate_limiter/rate_limiter.go Outdated Show resolved Hide resolved
backend/rate_limiter/rate_limiter.go Outdated Show resolved Hide resolved
backend/rate_limiter/rate_limiter.go Outdated Show resolved Hide resolved
like-a-bause and others added 12 commits January 24, 2023 10:48
@like-a-bause @FreddyDevelop
Update backend/config/config.go
c6c3932 
Co-authored-by: Frederic Jahn <[email protected]>
@like-a-bause @FreddyDevelop
Update backend/docs/Config.md
a10e7ec 
Co-authored-by: Frederic Jahn <[email protected]>
@like-a-bause @FreddyDevelop
Update backend/docs/Config.md
283cfda 
Co-authored-by: Frederic Jahn <[email protected]>
@like-a-bause @FreddyDevelop
Update backend/rate_limiter/rate_limiter.go
188c24e 
Co-authored-by: Frederic Jahn <[email protected]>
@like-a-bause @FreddyDevelop
Update backend/rate_limiter/rate_limiter.go
5409250 
Co-authored-by: Frederic Jahn <[email protected]>
@like-a-bause @FreddyDevelop
Update backend/rate_limiter/rate_limiter.go
4ef06d2 
Co-authored-by: Frederic Jahn <[email protected]>
@like-a-bause @FreddyDevelop
Update backend/docs/Config.md
5483494 
Co-authored-by: Frederic Jahn <[email protected]>
@like-a-bause
fix: use httplimit defined headers
f9fdcba
@like-a-bause
fix: rename backend -> store
2eee359
@like-a-bause
fix: require redis.address when enabling redis
1384661
@like-a-bause
fix: rate_limiter_test.go
abeacd4
@like-a-bause
fix: use echo context.Path as key prefix for rate limiter. use redis …
f57443e 
…for quickstart with redis.
like-a-bause and others added 3 commits January 24, 2023 12:06
@like-a-bause @FreddyDevelop
Update backend/docs/Config.md
9403f40 
Co-authored-by: Frederic Jahn <[email protected]>
@like-a-bause @FreddyDevelop
Update backend/docs/Config.md
7591d00 
Co-authored-by: Frederic Jahn <[email protected]>
@like-a-bause @FreddyDevelop
Update backend/docs/Config.md
74baba7 
Co-authored-by: Frederic Jahn <[email protected]>
FreddyDevelop
FreddyDevelop approved these changes Jan 24, 2023
View reviewed changes
Copy link
Contributor

@FreddyDevelop FreddyDevelop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

like-a-bause and others added 6 commits January 25, 2023 11:08
@like-a-bause
Merge branch 'main' into feat-basic-rate-limiting
f5adfed 
# Conflicts:
#	backend/config/config.go
#	backend/handler/passcode.go
#	frontend/frontend-sdk/src/lib/client/PasscodeClient.ts
#	frontend/frontend-sdk/src/lib/client/PasswordClient.ts
#	frontend/frontend-sdk/tests/lib/client/PasswordClient.spec.ts
@like-a-bause
fix: rename the Retry After Header
c96f95c
@like-a-bause
docs: adjust the Readme
081553b
@like-a-bause
fix: fix quickstart with redis compose file
a1673f7
@like-a-bause
fix: the password retry counter on button now counts down.
dd37d30
@like-a-bause
Merge branch 'main' into feat-basic-rate-limiting
ddda0f6
@like-a-bause like-a-bause merged commit 8115569 into main Jan 25, 2023
@like-a-bause like-a-bause deleted the feat-basic-rate-limiting branch January 25, 2023 17:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FreddyDevelop FreddyDevelop FreddyDevelop approved these changes

@bjoern-m bjoern-m Awaiting requested review from bjoern-m

@lfleischmann lfleischmann Awaiting requested review from lfleischmann

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Rate limiting (application layer)
2 participants
@like-a-bause @FreddyDevelop