Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Throttle # of requests per user (with rack-attack & devise)

Tags:

ruby

ruby-on-rails

devise

throttling

rackattack

I'm using https://github.com/kickstarter/rack-attack/#throttles to throttle request to certain url's.

Rack-attack docs show how to throttle by request IP or request parameters, but what I'd like to do is throttle requests per user. So no matter the IP, user should be able to make no more than n request in certain time frame.

We use devise for authentication and I cannot think of a simple way to uniquely identify users based on request.

Should I store user id in the session/cookie? Maybe a uniq hash? What's you opinion on the best way to go about doing that?

like image 253
ddgd Avatar asked Jul 30 '15 08:07

ddgd

People also ask

What is called throttle?

The term throttle has come to refer, informally, to any mechanism by which the power or speed of an engine is regulated, such as a car's accelerator pedal. What is often termed a throttle (in an aviation context) is also called a thrust lever, particularly for jet engine powered aircraft.

What does throttle mean in f1?

A throttle has come to be associated with any part that controls the power of an engine – such as the accelerator pedal – but in actual fact it is a hydraulically operated mechanism used to increase or decrease inlet gases to the engine.

What does throttle mean in a car?

The Throttle System regulates the amount of air entering the engine, indirectly controlling the fuel-air mixture needed for engine power. When you press your foot on the accelerator lightly, the throttle valve opens slightly to let in a small amount of air.

What does it mean to throttle a girl?

To throttle someone means to kill or injure them by squeezing their throat or tightening something around it and preventing them from breathing. The gang tried to throttle the victim with a rope. Synonyms: strangle, choke, garrotte, strangulate More Synonyms of throttle. countable noun.

What is throttle function?

throttle, Valve for regulating the supply of a fluid (as steam) to an engine, especially the valve controlling the volume of vaporized fuel delivered to the cylinders of an internal-combustion engine.

What means full throttle?

full throttle (comparative more full throttle, superlative most full throttle) All out; at maximum speed, effort, or risk.

1 Answers

Figured it out. Devise already stores user id in the session. The code would look something like:

Rack::Attack.throttle('something', limit: 6, period: 60.seconds) do |req|
  req.env['rack.session']["warden.user.user.key"][0][0] if some_condition?
end
like image 164
ddgd Avatar answered Sep 18 '22 13:09

ddgd
Sign in to Comment

Related questions

Rails 2.3.5 I18n month/day name translation problem
validation before attribute setters can type cast
How to combine autotest and spork in Rails testing?
Rails: Where "params" is defined?
Create a simple Rails 3 text helper Gem [duplicate]
Rails 3 - Devise 'Please enter an email address' popup message, even when validatable disabled
How to namespace our JS for use with the Rails asset pipeline
Rails: how to treat alternative Accept: content-types as JSON?
Force SSL for specific routes in Rails 3.1
Fields_for disappear when adding accepts_nested_attributes_for
Detecting changes in a rails has_many :through relationship
how to call a active record named scope with a string
Rails s return: [BUG] Segmentation fault
FactoryGirl define attribute by calling method on another factory
Rails CanCan gem refactoring Ability class
Errno::EIO: Input/output error - <STDOUT>
How do I get values from a ActiveRecord CollectionProxy?
Avoid sql injection with connection.execute
How can I rollback a rails save/transaction?
How to show page loading between pages

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!