Basic application-level HTTP rate limiting

Here set to 10 requests per minute. Note that the current implementation
doesn't use a shared store across instances, so in effect clients can
request on average instances-count * 10 requests per minute.
pull/69/head
Thomas Buckley-Houston 2018-06-26 15:21:10 +08:00
rodzic c0c68842f0
commit 16f1917ed8
1 zmienionych plików z 16 dodań i 1 usunięć

Wyświetl plik

@ -9,6 +9,9 @@ import (
"io"
"time"
"github.com/ulule/limiter"
"github.com/ulule/limiter/drivers/store/memory"
"github.com/ulule/limiter/drivers/middleware/stdlib"
"github.com/NYTimes/gziphandler"
)
@ -29,12 +32,24 @@ func HTTPServerStart() {
Log("Starting Browsh HTTP server")
serverMux := http.NewServeMux()
uncompressed := http.HandlerFunc(handleHTTPServerRequest)
serverMux.Handle("/", gziphandler.GzipHandler(uncompressed))
limiterMiddleware := setupRateLimiter()
serverMux.Handle("/", limiterMiddleware.Handler(gziphandler.GzipHandler(uncompressed)))
if err := http.ListenAndServe(":" + *HTTPServerPort, &slashFix{serverMux}); err != nil {
Shutdown(err)
}
}
func setupRateLimiter() *stdlib.Middleware {
rate := limiter.Rate{
Period: 1 * time.Minute,
Limit: 10,
}
// TODO: Centralise store amongst instances with Redis
store := memory.NewStore()
middleware := stdlib.NewMiddleware(limiter.New(store, rate), stdlib.WithForwardHeader(true))
return middleware
}
func pseudoUUID() (uuid string) {
b := make([]byte, 16)
_, err := rand.Read(b)