2013-02-05 14:16:51 -05:00
|
|
|
require_dependency 'rate_limiter/limit_exceeded'
|
|
|
|
require_dependency 'rate_limiter/on_create_record'
|
|
|
|
|
|
|
|
# A redis backed rate limiter.
|
|
|
|
class RateLimiter
|
|
|
|
|
2015-04-15 19:44:30 -04:00
|
|
|
attr_reader :max, :secs, :user, :key
|
|
|
|
|
2015-02-02 12:44:21 -05:00
|
|
|
def self.key_prefix
|
|
|
|
"l-rate-limit:"
|
|
|
|
end
|
2015-01-29 11:44:51 -05:00
|
|
|
|
2013-10-09 00:10:37 -04:00
|
|
|
def self.disable
|
|
|
|
@disabled = true
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.enable
|
|
|
|
@disabled = false
|
|
|
|
end
|
|
|
|
|
2013-02-05 14:16:51 -05:00
|
|
|
# We don't observe rate limits in test mode
|
|
|
|
def self.disabled?
|
2013-10-09 00:10:37 -04:00
|
|
|
@disabled || Rails.env.test?
|
2013-02-05 14:16:51 -05:00
|
|
|
end
|
|
|
|
|
2015-01-29 11:44:51 -05:00
|
|
|
def self.clear_all!
|
2015-02-02 12:44:21 -05:00
|
|
|
$redis.delete_prefixed(RateLimiter.key_prefix)
|
2015-01-29 11:44:51 -05:00
|
|
|
end
|
|
|
|
|
2015-09-24 13:52:32 -04:00
|
|
|
def build_key(type)
|
|
|
|
"#{RateLimiter.key_prefix}:#{@user && @user.id}:#{type}"
|
|
|
|
end
|
|
|
|
|
|
|
|
def initialize(user, type, max, secs)
|
2013-02-05 14:16:51 -05:00
|
|
|
@user = user
|
2015-09-24 13:52:32 -04:00
|
|
|
@type = type
|
|
|
|
@key = build_key(type)
|
2013-02-05 14:16:51 -05:00
|
|
|
@max = max
|
|
|
|
@secs = secs
|
|
|
|
end
|
|
|
|
|
|
|
|
def clear!
|
|
|
|
$redis.del(@key)
|
|
|
|
end
|
|
|
|
|
|
|
|
def can_perform?
|
2013-05-23 20:18:59 -04:00
|
|
|
rate_unlimited? || is_under_limit?
|
2013-02-05 14:16:51 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
def performed!
|
2013-05-23 20:18:59 -04:00
|
|
|
return if rate_unlimited?
|
2013-02-05 14:16:51 -05:00
|
|
|
|
2013-05-25 15:37:28 -04:00
|
|
|
if is_under_limit?
|
|
|
|
# simple ring buffer.
|
|
|
|
$redis.lpush(@key, Time.now.to_i)
|
|
|
|
$redis.ltrim(@key, 0, @max - 1)
|
2013-05-27 18:58:45 -04:00
|
|
|
|
|
|
|
# let's ensure we expire this key at some point, otherwise we have leaks
|
|
|
|
$redis.expire(@key, @secs * 2)
|
2013-05-25 15:37:28 -04:00
|
|
|
else
|
2015-09-24 13:52:32 -04:00
|
|
|
raise RateLimiter::LimitExceeded.new(seconds_to_wait, @type)
|
2013-02-05 14:16:51 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def rollback!
|
|
|
|
return if RateLimiter.disabled?
|
2013-05-25 15:37:28 -04:00
|
|
|
$redis.lpop(@key)
|
2013-02-05 14:16:51 -05:00
|
|
|
end
|
|
|
|
|
2013-05-23 20:18:59 -04:00
|
|
|
private
|
|
|
|
|
2013-05-25 15:37:28 -04:00
|
|
|
def seconds_to_wait
|
|
|
|
@secs - age_of_oldest
|
|
|
|
end
|
|
|
|
|
|
|
|
def age_of_oldest
|
|
|
|
# age of oldest event in buffer, in seconds
|
|
|
|
Time.now.to_i - $redis.lrange(@key, -1, -1).first.to_i
|
|
|
|
end
|
|
|
|
|
2013-05-23 20:18:59 -04:00
|
|
|
def is_under_limit?
|
2015-01-29 11:44:51 -05:00
|
|
|
# number of events in buffer less than max allowed? OR
|
|
|
|
($redis.llen(@key) < @max) ||
|
|
|
|
# age bigger than silding window size?
|
|
|
|
(age_of_oldest > @secs)
|
2013-05-23 20:18:59 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def rate_unlimited?
|
2014-08-17 20:55:30 -04:00
|
|
|
!!(RateLimiter.disabled? || (@user && @user.staff?))
|
2013-05-23 20:18:59 -04:00
|
|
|
end
|
2013-02-05 14:16:51 -05:00
|
|
|
end
|