improved-rack-throttle 0.5.0

data/lib/rack/throttle/time_window.rb

@@ -0,0 +1,21 @@
+module Rack; module Throttle
+  ##
+  class TimeWindow < Limiter
+    ##
+    # Returns `true` if fewer than the maximum number of requests permitted
+    # for the current window of time have been made.
+    #
+    # @param  [Rack::Request] request
+    # @return [Boolean]
+    def allowed?(request)
+      count = cache_get(key = cache_key(request)).to_i + 1 rescue 1
+      allowed = count <= max_per_window.to_i
+      begin
+        cache_set(key, count)
+        allowed
+      rescue => e
+        allowed = true
+      end
+    end
+  end
+end; end

data/lib/rack/throttle/version.rb

@@ -0,0 +1,23 @@
+module Rack; module Throttle
+  module VERSION
+    MAJOR = 0
+    MINOR = 5
+    TINY  = 0
+    EXTRA = nil
+
+    STRING = [MAJOR, MINOR, TINY].join('.')
+    STRING << "-#{EXTRA}" if EXTRA
+
+    ##
+    # @return [String]
+    def self.to_s() STRING end
+
+    ##
+    # @return [String]
+    def self.to_str() STRING end
+
+    ##
+    # @return [Array(Integer, Integer, Integer)]
+    def self.to_a() [MAJOR, MINOR, TINY] end
+  end
+end; end

data/lib/rack/throttle.rb

@@ -0,0 +1,15 @@
+require 'rack'
+
+module Rack
+  module Throttle
+    autoload :Limiter,       'rack/throttle/limiter'
+    autoload :Interval,      'rack/throttle/interval'
+    autoload :TimeWindow,    'rack/throttle/time_window'
+    autoload :Daily,         'rack/throttle/daily'
+    autoload :Hourly,        'rack/throttle/hourly'
+    autoload :VERSION,       'rack/throttle/version'
+    autoload :Matcher,       'rack/throttle/matcher'
+    autoload :UrlMatcher,    'rack/throttle/matchers/url_matcher'
+    autoload :MethodMatcher, 'rack/throttle/matchers/method_matcher'
+  end
+end

data/spec/daily_spec.rb

@@ -0,0 +1,27 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::Daily do
+  include Rack::Test::Methods
+
+  def app
+    @target_app ||= example_target_app
+    @app ||= Rack::Throttle::Daily.new(@target_app, :max_per_day => 3)
+  end
+
+  it "should be allowed if not seen this day" do
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+  
+  it "should be allowed if seen fewer than the max allowed per day" do
+    2.times { get "/foo" }
+    last_response.body.should show_allowed_response
+  end
+  
+  it "should not be allowed if seen more times than the max allowed per day" do
+    4.times { get "/foo" }
+    last_response.body.should show_throttled_response
+  end
+  
+  # TODO mess with time travelling and requests to make sure no overlap
+end

data/spec/hourly_spec.rb

@@ -0,0 +1,27 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::Hourly do
+  include Rack::Test::Methods
+
+  def app
+    @target_app ||= example_target_app
+    @app ||= Rack::Throttle::Hourly.new(@target_app, :max_per_hour => 3)
+  end
+
+  it "should be allowed if not seen this hour" do
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+  
+  it "should be allowed if seen fewer than the max allowed per hour" do
+    2.times { get "/foo" }
+    last_response.body.should show_allowed_response
+  end
+  
+  it "should not be allowed if seen more times than the max allowed per hour" do
+    4.times { get "/foo" }
+    last_response.body.should show_throttled_response
+  end
+  
+  # TODO mess with time travelling and requests to make sure no overlap
+end

data/spec/interval_spec.rb

@@ -0,0 +1,45 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+
+describe Rack::Throttle::Interval do
+  include Rack::Test::Methods
+  
+  def app
+    @target_app ||= example_target_app
+    @app ||= Rack::Throttle::Interval.new(@target_app, :min => 0.1)
+  end
+
+  it "should allow the request if the source has not been seen" do
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+  
+  it "should allow the request if the source has not been seen in the current interval" do
+    Timecop.freeze do
+      get "/foo"
+      Timecop.freeze(1) do # Timecop.freeze won't do subsecond resolution
+        get "/foo"
+      end
+    end
+    last_response.body.should show_allowed_response
+  end
+  
+  it "should not allow the request if the source has been seen inside the current interval" do
+    Timecop.freeze do
+      2.times { get "/foo" }
+    end
+    last_response.body.should show_throttled_response
+  end
+  
+  it "should gracefully allow the request if the cache bombs on getting" do
+    app.should_receive(:cache_get).and_raise(StandardError)
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+  
+  it "should gracefully allow the request if the cache bombs on setting" do
+    app.should_receive(:cache_set).and_raise(StandardError)
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+end

data/spec/limiter_spec.rb

@@ -0,0 +1,51 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::Limiter do
+  include Rack::Test::Methods
+
+  def app
+    @target_app ||= example_target_app
+    @app ||= Rack::Throttle::Limiter.new(@target_app)
+  end
+  
+  describe "basic calling" do
+    it "should return the example app" do
+      get "/foo"
+      last_response.body.should show_allowed_response
+    end
+  
+    it "should call the application if allowed" do
+      app.should_receive(:allowed?).and_return(true)
+      get "/foo"
+      last_response.body.should show_allowed_response
+    end
+  
+    it "should give a rate limit exceeded message if not allowed" do
+      app.should_receive(:allowed?).and_return(false)
+      get "/foo"
+      last_response.body.should show_throttled_response
+    end
+  end
+  
+  describe "allowed?" do
+    it "should return true if whitelisted" do
+      app.should_receive(:whitelisted?).and_return(true)
+      get "/foo"
+      last_response.body.should show_allowed_response
+    end
+    
+    it "should return false if blacklisted" do
+      app.should_receive(:blacklisted?).and_return(true)
+      get "/foo"
+      last_response.body.should show_throttled_response
+    end
+    
+    it "should return true if not whitelisted or blacklisted" do
+      app.should_receive(:whitelisted?).and_return(false)
+      app.should_receive(:blacklisted?).and_return(false)
+      get "/foo"
+      last_response.body.should show_allowed_response
+    end
+  end
+
+end

data/spec/method_matcher_spec.rb

@@ -0,0 +1,29 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::MethodMatcher do
+  include Rack::Test::Methods
+
+  def app
+    @target_app ||= example_target_app
+    @app ||= Rack::Throttle::Limiter.new(@target_app, :rules => {:method => :post})
+  end
+
+  it "should not bother checking if the path doesn't match the rule" do
+    app.should_not_receive(:allowed?)
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+  
+  it "should check if the path matches the rule" do
+    app.should_receive(:allowed?).and_return(false)
+    post "/foo"
+    last_response.body.should show_throttled_response
+  end
+
+  it "should append the rule to the cache key" do
+    post "/foo"
+    app.send(:cache_key, last_request).should == "127.0.0.1:meth-post"
+  end
+end
+
+

data/spec/spec_helper.rb

@@ -0,0 +1,46 @@
+require "rspec"
+require "rack/test"
+require "rack/throttle"
+require "timecop"
+
+def example_target_app
+  @target_app = double("Example Rack App")
+  @target_app.stub(:call).with(any_args()).and_return([200, {}, "Example App Body"])
+  @target_app
+end
+
+RSpec::Matchers.define :show_allowed_response do
+  match do |body|
+    body.include?("Example App Body")
+  end
+  
+  failure_message_for_should do
+    "expected response to show the allowed response" 
+  end 
+
+  failure_message_for_should_not do
+    "expected response not to show the allowed response" 
+  end
+  
+  description do
+    "expected the allowed response"
+  end 
+end
+
+RSpec::Matchers.define :show_throttled_response do
+  match do |body|
+    body.include?("Rate Limit Exceeded")
+  end
+  
+  failure_message_for_should do
+    "expected response to show the throttled response" 
+  end 
+
+  failure_message_for_should_not do
+    "expected response not to show the throttled response" 
+  end
+  
+  description do
+    "expected the throttled response"
+  end 
+end

data/spec/url_matcher_spec.rb

@@ -0,0 +1,28 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::UrlMatcher do
+  include Rack::Test::Methods
+
+  def app
+    @target_app ||= example_target_app
+    @app ||= Rack::Throttle::Limiter.new(@target_app, :rules => {:url => /foo/})
+  end
+
+  it "should not bother checking if the path doesn't match the rule" do
+    app.should_not_receive(:allowed?)
+    get "/bar"
+    last_response.body.should show_allowed_response
+  end
+  
+  it "should check if the path matches the rule" do
+    app.should_receive(:allowed?).and_return(false)
+    get "/foo"
+    last_response.body.should show_throttled_response
+  end
+
+  it "should append the rule to the cache key" do
+    get "/foo"
+    app.send(:cache_key, last_request).should == "127.0.0.1:url/foo/"
+  end
+end
+

metadata

@@ -0,0 +1,160 @@
+--- !ruby/object:Gem::Specification
+name: improved-rack-throttle
+version: !ruby/object:Gem::Version
+  version: 0.5.0
+  prerelease: 
+platform: ruby
+authors:
+- Ben Somers
+- Arto Bendiken
+- Brendon Murphy
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-10-03 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: &70364343200440 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *70364343200440
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: &70364343199340 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.5.2
+  type: :development
+  prerelease: false
+  version_requirements: *70364343199340
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: &70364343198560 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.2
+  type: :development
+  prerelease: false
+  version_requirements: *70364343198560
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70364343197860 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.11.0
+  type: :development
+  prerelease: false
+  version_requirements: *70364343197860
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: &70364343213300 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.5.5
+  type: :development
+  prerelease: false
+  version_requirements: *70364343213300
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: &70364343212560 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70364343212560
+- !ruby/object:Gem::Dependency
+  name: jeweler
+  requirement: &70364343211840 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70364343211840
+description: Rack middleware for rate-limiting incoming HTTP requests.
+email: somers.ben@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- README.md
+files:
+- .document
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- UNLICENSE
+- doc/.gitignore
+- etc/gdbm.ru
+- etc/hash.ru
+- etc/memcache-client.ru
+- etc/memcache.ru
+- etc/memcached.ru
+- etc/redis.ru
+- improved-rack-throttle.gemspec
+- lib/rack/throttle.rb
+- lib/rack/throttle/daily.rb
+- lib/rack/throttle/hourly.rb
+- lib/rack/throttle/interval.rb
+- lib/rack/throttle/limiter.rb
+- lib/rack/throttle/matcher.rb
+- lib/rack/throttle/matchers/ip_matcher.rb
+- lib/rack/throttle/matchers/method_matcher.rb
+- lib/rack/throttle/matchers/url_matcher.rb
+- lib/rack/throttle/time_window.rb
+- lib/rack/throttle/version.rb
+- spec/daily_spec.rb
+- spec/hourly_spec.rb
+- spec/interval_spec.rb
+- spec/limiter_spec.rb
+- spec/method_matcher_spec.rb
+- spec/spec_helper.rb
+- spec/url_matcher_spec.rb
+homepage: http://github.com/bensomers/improved-rack-throttle
+licenses:
+- Public Domain
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -1128518403050699337
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.17
+signing_key: 
+specification_version: 3
+summary: HTTP request rate limiter for Rack applications.
+test_files: []