Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Rate-limiting for rails controllers

I'm searching rate-limiting engine for my rails 3 application. I've found some but that's not what i need. I 've found rack-throttle gem and curbit gem. It seems that rack-throttle works for each request to rails application but i need to limit requests only to one action. Curbit was last updated two years ago. Can anyone tell me about any other rate-limiting engines that i can use? Note that it should work with caching.

like image 353
roman Avatar asked Mar 06 '12 09:03

roman


Video Answer


1 Answers

Well, finally rack throttle is a good solution.

You can do it the following way. You need to define your custom limiter. It can be based on either of the following limiters

Rack::Throttle::Limiter
Rack::Throttle::Interval
Rack::Throttle::Hourly
Rack::Throttle::Daily

Everything you need to do is derive from one of the above classes to define custom logic. For example:

class CustomLimiter < Rack::Throttle::Interval
  def allowed?(request)
  #custom logic here
  end
end

You should put this file in the RAILS_ROOT/lib path. Then in the application.rb file you should specify what class to use as a limiter. For example if you want to apply limiter only to one action you can do it the following way:

#lib/custom_limiter.rb
class CustomLimiter < Rack::Throttle::Interval
  def allowed?(request)
    path_info = Rails.application.routes.recognize_path request.url rescue {}
    if path_info[:controller] == "application" and path_info[:action] == "check_answer"
      super
    else 
      true
    end
  end
end

#config/application.rb
class Application < Rails::Application
  ... 
  #Set up rate limiting
  config.require "custom_limiter"
  config.middleware.use CustomLimiter, :min => 0.2
  ...
end

You may need to take this into consideration

Hope this will be useful

UPD:

you may want to check out another solution: rack-attack

like image 161
roman Avatar answered Oct 27 '22 16:10

roman