jeremy / rack-ratelimit

Licence: MIT License
Flexible rate limiting for your Rack apps

Rack::Ratelimit

  • Run multiple rate limiters in a single app
  • Scope each rate limit to certain requests: API, files, GET vs POST, etc.
  • Apply each rate limit by request characteristics: IP, subdomain, OAuth2 token, etc.
  • Flexible time window to limit burst traffic vs hourly or daily traffic: 100 requests per 10 sec, 500 req/minute, 10000 req/hour, etc.
  • Fast, low-overhead implementation in memcache using counters for discrete timeslices:
      timeslice = window * ceiling(current time / window)
      memcache.incr(counter for timeslice)

Configuration

Takes a block that classifies requests for rate limiting. Given a Rack env, return a string such as IP address, API token, etc. If the block returns nil, the request won't be rate-limited. If a block is not given, all requests get the same limits.

Required configuration:

  • rate: an array of [max requests, period in seconds]: [500, 5.minutes]

and one of

  • cache: a Dalli::Client instance
  • redis: a Redis instance
  • counter: Your own custom counter. Must respond to #increment(classification_string, end_of_time_window_timestamp) and return the counter value after increment.
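
The timeslice formula and the custom counter interface described above, as an added example that is not code from the rack-ratelimit project. MemoryCounter, timeslice_end and simulate are hypothetical names, the request times are constructed, and the "allow while count <= max" check is an assumption about how the returned value is used.

```ruby
require 'monitor'

# Single-process counter satisfying the interface the README requires:
# #increment(classification_string, end_of_time_window_timestamp) returns
# the counter value after the increment.
class MemoryCounter
  def initialize
    @counts = Hash.new(0)
    @lock = Monitor.new
  end

  def increment(classification, timestamp)
    @lock.synchronize do
      # Drop counters whose window has already ended so the hash stays bounded.
      @counts.delete_if { |(_, ends_at), _| ends_at < timestamp }
      @counts[[classification, timestamp]] += 1
    end
  end
end

# timeslice = window * ceiling(current time / window), as in the README.
# Every request time in (end - window, end] maps to the same counter.
def timeslice_end(now, window)
  window * (now.to_f / window).ceil
end

# Replay request times for one client and return how many would be allowed.
# Assumption: a request passes while the incremented count is <= max.
def simulate(times, max:, window:, counter: MemoryCounter.new, client: '203.0.113.7')
  times.count { |t| counter.increment(client, timeslice_end(t, window)) <= max }
end

# Constructed input: 60 requests inside one 10-second slice (t = 101.0..106.9).
WITHIN_SLICE = Array.new(60) { |i| 101 + i * 0.1 }
# Constructed input: 50 requests just before a slice boundary, 50 just after.
ACROSS_BOUNDARY = [109] * 50 + [111] * 50

if __FILE__ == $PROGRAM_NAME
  # One slice: the limit holds at max requests.
  puts simulate(WITHIN_SLICE, max: 50, window: 10)
  # Two adjacent slices: each has its own counter, so a burst that straddles
  # the boundary can pass up to 2 * max requests in about two seconds.
  puts simulate(ACROSS_BOUNDARY, max: 50, window: 10)
end
```

An object like this would be passed through the counter: option in place of cache: or redis:. Because discrete timeslices reset at each boundary, choose max with the boundary case in mind, and use a shared store rather than process memory when the app runs in more than one process.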

Optional configuration:

  • name: name of the rate limiter. Defaults to 'HTTP'. Used in messages.
  • conditions: array of procs that take a rack env, all of which must return true to rate-limit the request.
  • exceptions: array of procs that take a rack env, any of which may return true to exclude the request from rate limiting.
  • logger: responds to #info(message). If provided, the rate limiter logs the first request that hits the rate limit, but none of the subsequently blocked requests.
  • error_message: the message returned in the response body when the rate limit is exceeded. Defaults to "<name> rate limit exceeded. Please wait <period> seconds then retry your request."

Examples

Rate-limit bursts of POST/PUT/DELETE requests by IP address

use(Rack::Ratelimit, name: 'POST',
  exceptions: ->(env) { env['REQUEST_METHOD'] == 'GET' },
  rate:   [50, 10.seconds],
  cache:  Dalli::Client.new,
  logger: Rails.logger) { |env| Rack::Request.new(env).ip }

Rate-limit API traffic by user (set by Rack::Auth::Basic)

use(Rack::Ratelimit, name: 'API',
  conditions: ->(env) { env['REMOTE_USER'] },
  rate:   [1000, 1.hour],
  redis:  Redis.new(ratelimit_redis_config),
  logger: Rails.logger) { |env| env['REMOTE_USER'] }