better_rate_limit 0.1.6 → 0.1.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +21 -17
  3. data/lib/action_controller/better_rate_limit.rb +12 -11
  4. data/lib/better_rate_limit/configuration.rb +1 -1
  5. data/lib/better_rate_limit/redis_connection.rb +7 -1
  6. data/lib/better_rate_limit/throttle.rb +7 -6
  7. data/lib/better_rate_limit/version.rb +1 -1
  8. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fd081be677a01d7f69d7e6e6ada8a3172d84d6ee74fbf7ccab5d5fbecb89ee58
4
- data.tar.gz: 2817642bfee1165564273b8b36ae434e02e7135c6e63a887a4c178c4558d3752
3
+ metadata.gz: 7501160c6bba347fbc8eb40116c5a46c9d500b01d77116ed49e98c8985fb79da
4
+ data.tar.gz: 5ab03fac755181baffa23f4f876bcd331e71295ce56902d11b5d476ac1797ce6
5
5
  SHA512:
6
- metadata.gz: bdd3fda987a39c8027d47ddec7b6112e089a609aaabd3a924e71a76417619b69284416183d68744ea05fa55b47e1cead0d04cb99ddb33937e6db97f578d784db
7
- data.tar.gz: 7b03b579af9be74f8669af5531d254580b0f384232dc5cb295f6d4cbcea7ca3525d42ee41105f0c08dd121c6a68d91544e06dd38a7044bd0b4062cc6007077c5
6
+ metadata.gz: 35dabbd3e4cf261c6edc4e87e4ed55793ce492f7992b4dc4fa7ce32d41478fd8c2da7557f4ce19f394dd2e24005a979c211ae5adb23a1d20eadf177f38033778
7
+ data.tar.gz: 92f051eb2ecbe4ab682757ca066ecc2c53680a8f7cb8a938a9772f0dc30c2fe92cdee7d27c1d8deb81c1862ebd43bbc63c1a68c19d23f3228bfce285d4b7ddc7
data/Gemfile.lock CHANGED
@@ -1,44 +1,45 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- better_rate_limit (0.1.5)
4
+ better_rate_limit (0.1.9)
5
5
  actionpack (>= 5.0)
6
6
  redis (>= 3.3)
7
7
 
8
8
  GEM
9
9
  remote: https://rubygems.org/
10
10
  specs:
11
- actionpack (5.2.4.3)
12
- actionview (= 5.2.4.3)
13
- activesupport (= 5.2.4.3)
11
+ actionpack (5.2.6.2)
12
+ actionview (= 5.2.6.2)
13
+ activesupport (= 5.2.6.2)
14
14
  rack (~> 2.0, >= 2.0.8)
15
15
  rack-test (>= 0.6.3)
16
16
  rails-dom-testing (~> 2.0)
17
17
  rails-html-sanitizer (~> 1.0, >= 1.0.2)
18
- actionview (5.2.4.3)
19
- activesupport (= 5.2.4.3)
18
+ actionview (5.2.6.2)
19
+ activesupport (= 5.2.6.2)
20
20
  builder (~> 3.1)
21
21
  erubi (~> 1.4)
22
22
  rails-dom-testing (~> 2.0)
23
23
  rails-html-sanitizer (~> 1.0, >= 1.0.3)
24
- activesupport (5.2.4.3)
24
+ activesupport (5.2.6.2)
25
25
  concurrent-ruby (~> 1.0, >= 1.0.2)
26
26
  i18n (>= 0.7, < 2)
27
27
  minitest (~> 5.1)
28
28
  tzinfo (~> 1.1)
29
29
  builder (3.2.4)
30
30
  coderay (1.1.3)
31
- concurrent-ruby (1.1.6)
31
+ concurrent-ruby (1.1.9)
32
+ connection_pool (2.2.5)
32
33
  crass (1.0.6)
33
- erubi (1.9.0)
34
- i18n (1.8.5)
34
+ erubi (1.10.0)
35
+ i18n (1.9.1)
35
36
  concurrent-ruby (~> 1.0)
36
- loofah (2.6.0)
37
+ loofah (2.14.0)
37
38
  crass (~> 1.0.2)
38
39
  nokogiri (>= 1.5.9)
39
40
  method_source (1.0.0)
40
41
  mini_portile2 (2.4.0)
41
- minitest (5.14.1)
42
+ minitest (5.15.0)
42
43
  mocha (1.11.2)
43
44
  mock_redis (0.25.0)
44
45
  nokogiri (1.10.10)
@@ -47,8 +48,8 @@ GEM
47
48
  coderay (~> 1.1)
48
49
  method_source (~> 1.0)
49
50
  rack (2.2.3)
50
- rack-test (0.6.3)
51
- rack (>= 1.0)
51
+ rack-test (1.1.0)
52
+ rack (>= 1.0, < 3)
52
53
  rails-controller-testing (1.0.5)
53
54
  actionpack (>= 5.0.1.rc1)
54
55
  actionview (>= 5.0.1.rc1)
@@ -56,13 +57,16 @@ GEM
56
57
  rails-dom-testing (2.0.3)
57
58
  activesupport (>= 4.2.0)
58
59
  nokogiri (>= 1.6)
59
- rails-html-sanitizer (1.3.0)
60
+ rails-html-sanitizer (1.4.2)
60
61
  loofah (~> 2.3)
61
62
  rake (12.3.3)
62
- redis (4.2.5)
63
+ redis (5.0.3)
64
+ redis-client (>= 0.7.4)
65
+ redis-client (0.8.0)
66
+ connection_pool
63
67
  thread_safe (0.3.6)
64
68
  timecop (0.9.1)
65
- tzinfo (1.2.7)
69
+ tzinfo (1.2.9)
66
70
  thread_safe (~> 0.1)
67
71
 
68
72
  PLATFORMS
data/lib/action_controller/better_rate_limit.rb CHANGED
@@ -9,15 +9,15 @@ module ActionController
9
9
  module ClassMethods
10
10
  def rate_limit(max, options)
11
11
  rate_limits << Limit.build(max, controller_path, {
12
- if: options[:if],
13
- unless: options[:unless],
14
- every: options[:every],
15
- name: options[:name] || controller_path,
16
- scope: options[:scope] || -> { real_ip },
17
- only: options[:only] || [],
18
- except: options[:except] || [],
19
- clear_if: options[:clear_if]
20
- })
12
+ if: options[:if],
13
+ unless: options[:unless],
14
+ every: options[:every],
15
+ name: options[:name] || controller_path,
16
+ scope: options[:scope] || -> { real_ip },
17
+ only: options[:only] || [],
18
+ except: options[:except] || [],
19
+ clear_if: options[:clear_if]
20
+ })
21
21
 
22
22
  before_action :perform_rate_limiting
23
23
  after_action :clear_keys
@@ -61,11 +61,12 @@ module ActionController
61
61
  private
62
62
 
63
63
  def json?
64
- request.xhr? || request.format === :json
64
+ request.xhr? || request.format == :json
65
65
  end
66
66
 
67
67
  def real_ip
68
- request.headers['X-Forwarded-For'].try(:split, ',').try(:[], -2..-2).try(:first).try(:strip)
68
+ request.headers['X-Forwarded-For'].try(:split, ',').try(:last,
69
+ ::BetterRateLimit.configuration.proxies_to_trust).try(:first).try(:strip)
69
70
  end
70
71
 
71
72
  def under_rate_limit?(limit)
data/lib/better_rate_limit/configuration.rb CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  module BetterRateLimit
4
4
  class Configuration
5
- attr_accessor :ignore
5
+ attr_accessor :ignore, :redis_client, :proxies_to_trust
6
6
 
7
7
  def initialize
8
8
  @ignore = false
data/lib/better_rate_limit/redis_connection.rb CHANGED
@@ -2,6 +2,12 @@
2
2
 
3
3
  require 'redis'
4
4
 
5
+ class MissingRedisConfigError < StandardError
6
+ def initialize
7
+ super 'Redis client not set'
8
+ end
9
+ end
10
+
5
11
  module BetterRateLimit
6
12
  module RedisConnection
7
13
  def self.included(host)
@@ -10,7 +16,7 @@ module BetterRateLimit
10
16
 
11
17
  module ClassMethods
12
18
  def redis_client
13
- @redis_client ||= Redis.new(url: ENV.fetch('REDIS_URL', 'redis://localhost:6379'))
19
+ @redis_client ||= BetterRateLimit.configuration.redis_client
14
20
  end
15
21
  end
16
22
  end
data/lib/better_rate_limit/throttle.rb CHANGED
@@ -11,22 +11,23 @@ module BetterRateLimit
11
11
  class << self
12
12
  def throttle(key, limit:, time_window:)
13
13
  return true if BetterRateLimit.configuration.ignore
14
+ raise MissingRedisConfigError unless redis_client
14
15
 
15
16
  now = Time.now.utc
16
17
  timestamps_count = redis_client.llen key
17
18
 
18
19
  if timestamps_count < limit
19
- redis_client.multi do
20
- redis_client.rpush key, now
21
- redis_client.expire key, time_window.to_i
20
+ redis_client.multi do |pipeline|
21
+ pipeline.rpush key, now
22
+ pipeline.expire key, time_window.to_i
22
23
  end
23
24
  true
24
25
  else
25
26
  first = redis_client.lpop(key)
26
27
 
27
- redis_client.multi do
28
- redis_client.rpush key, now
29
- redis_client.expire key, time_window.to_i
28
+ redis_client.multi do |pipeline|
29
+ pipeline.rpush key, now
30
+ pipeline.expire key, time_window.to_i
30
31
  end
31
32
 
32
33
  return false unless first
data/lib/better_rate_limit/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module BetterRateLimit
2
- VERSION = "0.1.6"
2
+ VERSION = '0.1.9'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: better_rate_limit
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.6
4
+ version: 0.1.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pablo Fonseca
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: exe
11
11
  cert_chain: []
12
- date: 2021-07-13 00:00:00.000000000 Z
12
+ date: 2022-09-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: redis