rack-attack 6.0.0 → 6.1.0

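--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: f85825803ce676e10466175d4bb99cc151d649130d6f4008bdffdc1381b4650a
- data.tar.gz: 2bcd9d6a9d75491df5a9ddf2f7a5128eae152245fce8f27a069f36037ebc8ddb
+ metadata.gz: 273111fdf125be1d54c6c956dd4a4e3abe96184a0c5608304839280e06d655a3
+ data.tar.gz: 7e9039aaca427b1f9312ce4739d9d1713282f7b29647988577a37b32c6cfb393
  SHA512:
- metadata.gz: 5c9b03bbb0e55105ebe4d2ea9a0f13a025ea7ab4903f86e07956ecbd7f7ddfcacfecbbc8239bc9ac427fcc4bd5445fa85e20732bd4d90b51f6dafeb7194bc063
- data.tar.gz: a31dad7fb5c9220d4a44b303103ffb12cb23843bc150b14cec38a9d0151bc73791a66a80e8a543fa09f58d36a7b0627f0b5fda4fb93953d525747840d7e1d97f
+ metadata.gz: deab3999e7a7f72e6e3d240f8312a38590deb1fd88aba2261c115573ac3081a5dc2e17667d184b68db8e06faf1f28dac27e44fc07867dc149c01ce3635069c42
+ data.tar.gz: bcfc056fd31c5f05c5fa4b517c420df227211186713dab5eeabea74917aa5236ffcac0f00455ac1b4ceb840c1f32929a4c73c84bedf3c34d00f2f04b5e93025a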
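--- a/data/README.md
+++ b/data/README.md
@@ -285,9 +285,9 @@ Rack::Attack.track("special_agent", limit: 6, period: 60) do |req|
  end
 
  # Track it using ActiveSupport::Notification
- ActiveSupport::Notifications.subscribe("rack.attack") do |name, start, finish, request_id, payload|
+ ActiveSupport::Notifications.subscribe("track.rack_attack") do |name, start, finish, request_id, payload|
  req = payload[:request]
- if req.env['rack.attack.matched'] == "special_agent" && req.env['rack.attack.match_type'] == :track
+ if req.env['rack.attack.matched'] == "special_agent"
  Rails.logger.info "special_agent: #{req.path}"
  STATSD.increment("special_agent")
  end
@@ -354,7 +354,7 @@ end
  For responses that did not exceed a throttle limit, Rack::Attack annotates the env with match data:
 
  ```ruby
- request.env['rack.attack.throttle_data'][name] # => { :count => n, :period => p, :limit => l, :epoch_time => t }
+ request.env['rack.attack.throttle_data'][name] # => { discriminator: d, count: n, period: p, limit: l, epoch_time: t }
  ```
 
  ## Logging & Instrumentation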
@@ -31,6 +31,7 @@ module Rack
31
31
  epoch_time = cache.last_epoch_time
32
32
 
33
33
  data = {
34
+ discriminator: discriminator,
34
35
  count: count,
35
36
  period: current_period,
36
37
  limit: current_limit,
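Review bot: The new `discriminator: discriminator` entry in the `data` hash carries no comment about what kind of value it holds, and per the README hunk on this page that hash is what callers read back from `request.env['rack.attack.throttle_data'][name]`. The discriminator is presumably whatever the throttle block returned, so besides an IP such as the `1.2.3.4` used in the specs it may be a login, e-mail address or API key; any code that already logs or serialises the whole throttle data now emits it as well. I would add above the entry `# Value returned by the throttle block; may identify a user or client, so redact it before logging or exposing throttle data`. The enclosing method starts and ends outside this hunk, and the page shows no file header for it.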
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Rack
4
4
  class Attack
5
- VERSION = '6.0.0'
5
+ VERSION = '6.1.0'
6
6
  end
7
7
  end
@@ -22,7 +22,14 @@ describe 'Rack::Attack.throttle' do
22
22
  end
23
23
 
24
24
  it 'should populate throttle data' do
25
- data = { count: 1, limit: 1, period: @period, epoch_time: Rack::Attack.cache.last_epoch_time.to_i }
25
+ data = {
26
+ count: 1,
27
+ limit: 1,
28
+ period: @period,
29
+ epoch_time: Rack::Attack.cache.last_epoch_time.to_i,
30
+ discriminator: "1.2.3.4"
31
+ }
32
+
26
33
  last_request.env['rack.attack.throttle_data']['ip/sec'].must_equal data
27
34
  end
28
35
  end
@@ -39,7 +46,15 @@ describe 'Rack::Attack.throttle' do
39
46
  it 'should tag the env' do
40
47
  last_request.env['rack.attack.matched'].must_equal 'ip/sec'
41
48
  last_request.env['rack.attack.match_type'].must_equal :throttle
42
- last_request.env['rack.attack.match_data'].must_equal(count: 2, limit: 1, period: @period, epoch_time: Rack::Attack.cache.last_epoch_time.to_i)
49
+
50
+ last_request.env['rack.attack.match_data'].must_equal(
51
+ count: 2,
52
+ limit: 1,
53
+ period: @period,
54
+ epoch_time: Rack::Attack.cache.last_epoch_time.to_i,
55
+ discriminator: "1.2.3.4"
56
+ )
57
+
43
58
  last_request.env['rack.attack.match_discriminator'].must_equal('1.2.3.4')
44
59
  end
45
60
 
@@ -67,7 +82,14 @@ describe 'Rack::Attack.throttle with limit as proc' do
67
82
  end
68
83
 
69
84
  it 'should populate throttle data' do
70
- data = { count: 1, limit: 1, period: @period, epoch_time: Rack::Attack.cache.last_epoch_time.to_i }
85
+ data = {
86
+ count: 1,
87
+ limit: 1,
88
+ period: @period,
89
+ epoch_time: Rack::Attack.cache.last_epoch_time.to_i,
90
+ discriminator: "1.2.3.4"
91
+ }
92
+
71
93
  last_request.env['rack.attack.throttle_data']['ip/sec'].must_equal data
72
94
  end
73
95
  end
@@ -91,7 +113,14 @@ describe 'Rack::Attack.throttle with period as proc' do
91
113
  end
92
114
 
93
115
  it 'should populate throttle data' do
94
- data = { count: 1, limit: 1, period: @period, epoch_time: Rack::Attack.cache.last_epoch_time.to_i }
116
+ data = {
117
+ count: 1,
118
+ limit: 1,
119
+ period: @period,
120
+ epoch_time: Rack::Attack.cache.last_epoch_time.to_i,
121
+ discriminator: "1.2.3.4"
122
+ }
123
+
95
124
  last_request.env['rack.attack.throttle_data']['ip/sec'].must_equal data
96
125
  end
97
126
  end
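--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: rack-attack
  version: !ruby/object:Gem::Version
- version: 6.0.0
+ version: 6.1.0
  platform: ruby
  authors:
  - Aaron Suggs
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2019-04-17 00:00:00.000000000 Z
+ date: 2019-07-11 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rack
@@ -282,7 +282,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.0.3
+ rubygems_version: 3.0.4
  signing_key:
  specification_version: 4
  summary: Block & throttle abusive requests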