limiter 0.0.2

data/.gitignore

@@ -0,0 +1,19 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*~
+nbproject/*

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in limiter.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2012 wangxz
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,37 @@
+# Limiter
+
+Rack middleware for rate-limiting incoming HTTP requests with black_list and white_list support.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'limiter', :git => "git://github.com/csdn-dev/limiter.git"
+
+And then execute:
+
+    $ bundle
+
+## Usage
+
+```ruby
+# config/initializers/limiter.rb
+require File.expand_path("../redis", __FILE__)
+Rails.configuration.app_middleware.insert_before(Rack::MethodOverride,
+                                                 Limiter::RateLimiter,
+                                                 :black_list => Limiter::BlackList.new($redis),
+                                                 :white_list => Limiter::WhiteList.new($redis),
+                                                 :allow_path => Rails.env.development? ? /^\/(assets|human_validations|simple_captcha)/ :
+                                                                                         /^\/(human_validations|simple_captcha)/,
+                                                 :message => "<a href='/human_validations/new'>我不是机器人</a>",
+                                                 :visit_counter => Limiter::VisitCounter.new($redis)
+                                                )
+```
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/limiter.rb

@@ -0,0 +1,7 @@
+# -*- encoding : utf-8 -*-
+require "limiter/version"
+require "limiter/base"
+require "limiter/white_list"
+require "limiter/black_list"
+require "limiter/rate_limiter"
+require "limiter/visit_counter"

data/lib/limiter/base.rb

@@ -0,0 +1,142 @@
+# -*- encoding : utf-8 -*-
+# This is the base class for rate limiter implementations.
+#
+# @example Defining a rate limiter subclass
+#   class MyLimiter < Limiter::Base
+#     def allowed?(request)
+#       # TODO: custom logic goes here
+#     end
+#   end
+#
+module Limiter
+  class Base
+    attr_reader :app
+    attr_reader :options
+    attr_reader :white_list
+    attr_reader :black_list
+    attr_reader :allow_path
+    attr_reader :allow_agent
+
+    ##
+    # @param  [#call]                    app
+    # @param  [Hash{Symbol => Object}]   options
+    # @option options [BlackList]        :black_list  (BlackList.new($redis))
+    # @option options [WhiteList]        :white_list  (WhiteList.new($redis))
+    # @option options [String/Regexp]    :allow_path  ("/human_test")
+    # @option options [Regex]            :allow_agent (/agent1|agent2/)
+    # @option options [Integer]          :code        (403)
+    # @option options [String]           :message     ("Rate Limit Exceeded")
+    
+    def initialize(app, options = {})
+      @black_list  = options[:black_list]
+      @white_list  = options[:white_list]
+      @allow_path  = options[:allow_path]
+      @allow_agent = options[:allow_agent]
+      @app, @options = app, options
+    end
+
+    ##
+    # @param  [Hash{String => String}] env
+    # @return [Array(Integer, Hash, #each)]
+    # @see    http://rack.rubyforge.org/doc/SPEC.html
+    def call(env)
+      request = Rack::Request.new(env)
+      allowed?(request) ? app.call(env) : rate_limit_exceeded
+    end
+
+    ##
+    # Returns `false` if the rate limit has been exceeded for the given
+    # `request`, or `true` otherwise.
+    #
+    # Override this method in subclasses that implement custom rate limiter
+    # strategies.
+    #
+    # @param  [Rack::Request] request
+    # @return [Boolean]
+    def allowed?(request)
+      case
+      when allow_path?(request)  then true
+      when allow_agent?(request) then true
+      when whitelisted?(request) then true
+      when blacklisted?(request) then false
+      else nil # override in subclasses
+      end
+    end
+
+    def whitelisted?(request)
+      white_list.member?(client_identifier(request))
+    end
+
+    def blacklisted?(request)
+      black_list.member?(client_identifier(request))
+    end
+
+    def allow_path?(request)
+      if allow_path.is_a?(Regexp)
+        request.path =~ allow_path
+      else
+        request.path == allow_path
+      end
+    end
+
+    def allow_agent?(request)
+      return false unless allow_agent
+      request.user_agent.to_s =~ allow_agent
+    end
+
+    protected
+
+    ##
+    # @param  [Rack::Request] request
+    # @return [String]
+    def client_identifier(request)
+      request.ip.to_s
+    end
+
+    ##
+    # @param  [Rack::Request] request
+    # @return [Float]
+    def request_start_time(request)
+      case
+      when request.env.has_key?('HTTP_X_REQUEST_START')
+        request.env['HTTP_X_REQUEST_START'].to_f / 1000
+      else
+        Time.now.to_f
+      end
+    end
+
+    ##
+    # Outputs a `Rate Limit Exceeded` error.
+    #
+    # @return [Array(Integer, Hash, #each)]
+    def rate_limit_exceeded
+      headers = respond_to?(:retry_after) ? {'Retry-After' => retry_after.to_f.ceil.to_s} : {}
+      http_error(options[:code] || 403, options[:message], headers)
+    end
+
+    ##
+    # Outputs an HTTP `4xx` or `5xx` response.
+    #
+    # @param  [Integer]                code
+    # @param  [String, #to_s]          message
+    # @param  [Hash{String => String}] headers
+    # @return [Array(Integer, Hash, #each)]
+    def http_error(code, message = nil, headers = {})
+      body = if message 
+               [message]
+             else
+               [http_status(code) + " : Rate Limit Exceeded\n"]
+             end
+      [code, {'Content-Type' => 'text/html; charset=utf-8'}.merge(headers), body]
+    end
+
+    ##
+    # Returns the standard HTTP status message for the given status `code`.
+    #
+    # @param  [Integer] code
+    # @return [String]
+    def http_status(code)
+      [code, Rack::Utils::HTTP_STATUS_CODES[code]].join(' ')
+    end
+  end
+end

data/lib/limiter/black_list.rb

@@ -0,0 +1,28 @@
+# -*- encoding : utf-8 -*-
+module Limiter
+  class BlackList
+    def initialize(cache_store)
+      @cache_store = cache_store
+    end
+
+    def list
+      @cache_store.smembers(key)
+    end
+
+    def add(ip)
+      @cache_store.sadd(key, ip)
+    end
+
+    def remove(ip)
+      @cache_store.srem(key, ip)
+    end
+
+    def member?(ip)
+      @cache_store.sismember(key, ip)
+    end
+
+    def key
+      "limiter/black_list"
+    end
+  end
+end

data/lib/limiter/rate_limiter.rb

@@ -0,0 +1,54 @@
+# -*- encoding : utf-8 -*-
+module Limiter
+  class RateLimiter < Base
+    GET_TTL = 20.minutes
+    MAX_GET_NUM = 1000
+    
+    POST_TTL = 5.seconds
+    MAX_POST_NUM = 20
+
+    def initialize(app, options = {})
+      super
+    end
+
+    def visit_counter
+      @visit_counter ||= options[:visit_counter]
+    end
+
+    def allowed?(request)
+      common_allowed = super
+      return true if common_allowed == true
+      return false if common_allowed == false
+
+      client_id = client_identifier(request)
+      post_count = read_and_incr_post_num(request, client_id)
+      get_count = read_and_incr_get_num(request, client_id)
+      
+      return false if (get_count > MAX_GET_NUM || post_count > MAX_POST_NUM)
+      return true
+    end
+
+    def client_identifier(request)
+      # 61.135.163.4 -> 61.135.163.0
+      request.ip.to_s.sub(/\.\d+$/, ".0")
+    end
+
+    private
+
+    def read_and_incr_post_num(request, client_id)
+      if request.post?
+        post_count = visit_counter.count(client_id, "POST")
+        visit_counter.incr(client_id, "POST", POST_TTL)
+        return post_count
+      end
+      return 0
+    end
+
+    def read_and_incr_get_num(request, client_id)
+      get_count = visit_counter.count(client_id, "GET")
+      visit_counter.incr(client_id, "GET", GET_TTL)
+      return get_count
+    end
+   
+  end
+end

data/lib/limiter/version.rb

@@ -0,0 +1,4 @@
+# -*- encoding : utf-8 -*-
+module Limiter
+  VERSION = "0.0.2"
+end

data/lib/limiter/visit_counter.rb

@@ -0,0 +1,35 @@
+# -*- encoding : utf-8 -*-
+module Limiter
+  class VisitCounter
+    def initialize(cache_store)
+      @cache_store = cache_store
+    end
+
+    def remove(ip, method)
+      cache_key = [key, ip, method].join("/")
+      @cache_store.del(cache_key)
+    end
+
+    def incr(ip, method, ttl)
+      cache_key = [key, ip, method].join("/")
+      @cache_store.multi do
+        @cache_store.incr(cache_key)
+        @cache_store.expire(cache_key, ttl)
+      end
+    end
+
+    def count(ip, method)
+      cache_key = [key, ip, method].join("/")
+      @cache_store.get(cache_key).to_i
+    end
+
+    def set(ip, method, ttl, num)
+      cache_key = [key, ip, method].join("/")
+      @cache_store.setex(cache_key, ttl, num)
+    end
+
+    def key
+      "limiter/vc"
+    end
+  end
+end

data/lib/limiter/white_list.rb

@@ -0,0 +1,28 @@
+# -*- encoding : utf-8 -*-
+module Limiter
+  class WhiteList
+    def initialize(cache_store)
+      @cache_store = cache_store
+    end
+    
+    def list
+      @cache_store.smembers(key)
+    end
+
+    def add(ip)
+      @cache_store.sadd(key, ip)
+    end
+
+    def remove(ip)
+      @cache_store.srem(key, ip)
+    end
+
+    def member?(ip)
+      @cache_store.sismember(key, ip)
+    end
+
+    def key
+      "limiter/white_list"
+    end
+  end
+end

data/limiter.gemspec

@@ -0,0 +1,19 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'limiter/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "limiter"
+  gem.version       = Limiter::VERSION
+  gem.authors       = ["wangxz"]
+  gem.email         = ["wangxz@csdn.net"]
+  gem.description   = %q{Write a gem description}
+  gem.summary       = %q{Write a gem summary}
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+end

metadata

@@ -0,0 +1,58 @@
+--- !ruby/object:Gem::Specification
+name: limiter
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+  prerelease: 
+platform: ruby
+authors:
+- wangxz
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-10-26 00:00:00.000000000 Z
+dependencies: []
+description: Write a gem description
+email:
+- wangxz@csdn.net
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/limiter.rb
+- lib/limiter/base.rb
+- lib/limiter/black_list.rb
+- lib/limiter/rate_limiter.rb
+- lib/limiter/version.rb
+- lib/limiter/visit_counter.rb
+- lib/limiter/white_list.rb
+- limiter.gemspec
+homepage: ''
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Write a gem summary
+test_files: []