railslove-rack-throttle 0.0.0

data/lib/rack/throttle/per_minute.rb

@@ -0,0 +1,43 @@
+module Rack; module Throttle
+  ##
+  # This rate limiter strategy throttles the application by defining a
+  # maximum number of allowed HTTP requests per minute (by default, 60
+  # requests per minute, which works out to an average of 1 request per
+  # second).
+  #
+  # Note that this strategy doesn't use a sliding time window, but rather
+  # tracks requests per distinct minute. This means that the throttling
+  # counter is reset every minute on the minute (according to the server's local
+  # timezone).
+  #
+  # @example Allowing up to 3,600 requests per minute
+  #   use Rack::Throttle::PerMinute
+  #
+  # @example Allowing up to 100 requests per minute
+  #   use Rack::Throttle::PerMinute, :max => 100
+  #
+  class PerMinute < TimeWindow
+    ##
+    # @param  [#call]                  app
+    # @param  [Hash{Symbol => Object}] options
+    # @option options [Integer] :max   (3600)
+    def initialize(app, options = {})
+      super
+    end
+
+    def max_per_minute
+      @max_per_minute ||= options[:max_per_minute] || options[:max] || 60
+    end
+
+    alias_method :max_per_window, :max_per_minute
+
+    protected
+
+    ##
+    # @param  [Rack::Request] request
+    # @return [String]
+    def cache_key(request)
+      [super, Time.now.strftime('%Y-%m-%dT%H%M')].join(':')
+    end
+  end
+end; end

data/lib/rack/throttle/time_window.rb

@@ -0,0 +1,21 @@
+module Rack; module Throttle
+  ##
+  class TimeWindow < Limiter
+    ##
+    # Returns `true` if fewer than the maximum number of requests permitted
+    # for the current window of time have been made.
+    #
+    # @param  [Rack::Request] request
+    # @return [Boolean]
+    def allowed?(request)
+      count = cache_get(key = cache_key(request)).to_i + 1 rescue 1
+      allowed = count <= max_per_window.to_i
+      begin
+        cache_set(key, count)
+        allowed
+      rescue => e
+        allowed = true
+      end
+    end
+  end
+end; end

data/lib/rack/throttle/version.rb

@@ -0,0 +1,23 @@
+module Rack; module Throttle
+  module VERSION
+    MAJOR = 0
+    MINOR = 3
+    TINY  = 0
+    EXTRA = nil
+
+    STRING = [MAJOR, MINOR, TINY].join('.')
+    STRING << "-#{EXTRA}" if EXTRA
+
+    ##
+    # @return [String]
+    def self.to_s() STRING end
+
+    ##
+    # @return [String]
+    def self.to_str() STRING end
+
+    ##
+    # @return [Array(Integer, Integer, Integer)]
+    def self.to_a() [MAJOR, MINOR, TINY] end
+  end
+end; end

data/railslove-rack-throttle.gemspec

@@ -0,0 +1,84 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{railslove-rack-throttle}
+  s.version = "0.0.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Arto Bendiken", "Brendon Murphy", "reddavis"]
+  s.date = %q{2010-07-14}
+  s.description = %q{Rack middleware for rate-limiting incoming HTTP requests.}
+  s.email = %q{reddavis@gmail.com}
+  s.extra_rdoc_files = [
+    "README",
+     "README.md"
+  ]
+  s.files = [
+    ".gitignore",
+     ".yardopts",
+     "AUTHORS",
+     "README",
+     "README.md",
+     "Rakefile",
+     "UNLICENSE",
+     "VERSION",
+     "doc/.gitignore",
+     "etc/gdbm.ru",
+     "etc/hash.ru",
+     "etc/memcache-client.ru",
+     "etc/memcache.ru",
+     "etc/memcached.ru",
+     "etc/redis.ru",
+     "lib/rack/throttle.rb",
+     "lib/rack/throttle/daily.rb",
+     "lib/rack/throttle/hourly.rb",
+     "lib/rack/throttle/interval.rb",
+     "lib/rack/throttle/limiter.rb",
+     "lib/rack/throttle/per_minute.rb",
+     "lib/rack/throttle/time_window.rb",
+     "lib/rack/throttle/version.rb",
+     "railslove-rack-throttle.gemspec",
+     "spec/daily_spec.rb",
+     "spec/hourly_spec.rb",
+     "spec/interval_spec.rb",
+     "spec/limiter_spec.rb",
+     "spec/per_minute_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+  s.homepage = %q{http://github.com/railslove/rack-throttle}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.6}
+  s.summary = %q{Extension of rack-throttle - HTTP request rate limiter for Rack applications.}
+  s.test_files = [
+    "spec/daily_spec.rb",
+     "spec/hourly_spec.rb",
+     "spec/interval_spec.rb",
+     "spec/limiter_spec.rb",
+     "spec/per_minute_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<rspec>, [">= 1.2.9"])
+      s.add_development_dependency(%q<rack-test>, [">= 0.5.3"])
+      s.add_runtime_dependency(%q<rack>, [">= 1.0.0"])
+    else
+      s.add_dependency(%q<rspec>, [">= 1.2.9"])
+      s.add_dependency(%q<rack-test>, [">= 0.5.3"])
+      s.add_dependency(%q<rack>, [">= 1.0.0"])
+    end
+  else
+    s.add_dependency(%q<rspec>, [">= 1.2.9"])
+    s.add_dependency(%q<rack-test>, [">= 0.5.3"])
+    s.add_dependency(%q<rack>, [">= 1.0.0"])
+  end
+end
+

data/spec/daily_spec.rb

@@ -0,0 +1,40 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::Daily do
+  include Rack::Test::Methods
+
+  before do
+    def app
+      @target_app ||= example_target_app
+      @app ||= Rack::Throttle::Daily.new(@target_app, :max_per_day => 3)
+    end
+  end
+
+  it "should be allowed if not seen this day" do
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+
+  it "should be allowed if seen fewer than the max allowed per day" do
+    2.times { get "/foo" }
+    last_response.body.should show_allowed_response
+  end
+
+  it "should not be allowed if seen more times than the max allowed per day" do
+    4.times { get "/foo" }
+    last_response.body.should show_throttled_response
+  end
+
+  it "should be allowed if we are in a new day" do
+    Time.stub!(:now).and_return(Time.local(2000,"jan",1,0,0,0))
+
+    4.times { get "/foo" }
+    last_response.body.should show_throttled_response
+
+    forward_one_minute = Time.now + 60*60*24
+    Time.stub!(:now).and_return(forward_one_minute)
+
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+end

data/spec/hourly_spec.rb

@@ -0,0 +1,40 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::Hourly do
+  include Rack::Test::Methods
+
+  before do
+    def app
+      @target_app ||= example_target_app
+      @app ||= Rack::Throttle::Hourly.new(@target_app, :max_per_hour => 3)
+    end
+  end
+
+  it "should be allowed if not seen this hour" do
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+
+  it "should be allowed if seen fewer than the max allowed per hour" do
+    2.times { get "/foo" }
+    last_response.body.should show_allowed_response
+  end
+
+  it "should not be allowed if seen more times than the max allowed per hour" do
+    4.times { get "/foo" }
+    last_response.body.should show_throttled_response
+  end
+
+  it "should be allowed if we are in a new hour" do
+    Time.stub!(:now).and_return(Time.local(2000,"jan",1,0,0,0))
+
+    4.times { get "/foo" }
+    last_response.body.should show_throttled_response
+
+    forward_one_minute = Time.now + 60*60
+    Time.stub!(:now).and_return(forward_one_minute)
+
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+end

data/spec/interval_spec.rb

@@ -0,0 +1,41 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::Interval do
+  include Rack::Test::Methods
+
+  before do
+    def app
+      @target_app ||= example_target_app
+      @app ||= Rack::Throttle::Interval.new(@target_app, :min => 0.1)
+    end
+  end
+
+  it "should allow the request if the source has not been seen" do
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+
+  it "should allow the request if the source has not been seen in the current interval" do
+    get "/foo"
+    sleep 0.2 # Should time travel this instead?
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+
+  it "should not all the request if the source has been seen inside the current interval" do
+    2.times { get "/foo" }
+    last_response.body.should show_throttled_response
+  end
+
+  it "should gracefully allow the request if the cache bombs on getting" do
+    app.should_receive(:cache_get).and_raise(StandardError)
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+
+  it "should gracefully allow the request if the cache bombs on setting" do
+    app.should_receive(:cache_set).and_raise(StandardError)
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+end

data/spec/limiter_spec.rb

@@ -0,0 +1,64 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::Limiter do
+  include Rack::Test::Methods
+
+  before do
+    def app
+      @target_app ||= example_target_app
+      @app ||= Rack::Throttle::Limiter.new(@target_app)
+    end
+  end
+
+  describe "basic calling" do
+    it "should return the example app" do
+      get "/foo"
+      last_response.body.should show_allowed_response
+    end
+
+    it "should call the application if allowed" do
+      app.should_receive(:allowed?).and_return(true)
+      get "/foo"
+      last_response.body.should show_allowed_response
+    end
+
+    it "should give a rate limit exceeded message if not allowed" do
+      app.should_receive(:allowed?).and_return(false)
+      get "/foo"
+      last_response.body.should show_throttled_response
+    end
+  end
+
+  describe "allowed?" do
+    it "should return true if whitelisted" do
+      app.should_receive(:whitelisted?).and_return(true)
+      get "/foo"
+      last_response.body.should show_allowed_response
+    end
+
+    it "should return false if blacklisted" do
+      app.should_receive(:blacklisted?).and_return(true)
+      get "/foo"
+      last_response.body.should show_throttled_response
+    end
+
+    it "should return true if not whitelisted or blacklisted" do
+      app.should_receive(:whitelisted?).and_return(false)
+      app.should_receive(:blacklisted?).and_return(false)
+      get "/foo"
+      last_response.body.should show_allowed_response
+    end
+
+    it "should call proc when false" do
+      #proc = mock("test")
+      #@app = Rack::Throttle::Limiter.new(@target_app, :on_reject => proc)
+      #
+      #app.should_receive(:allowed?).and_return(false)
+      #proc.should_receive(:call).once
+      #
+      #get "/foo"
+      #
+      #@app = Rack::Throttle::Limiter.new(@target_app)
+    end
+  end
+end

data/spec/per_minute_spec.rb

@@ -0,0 +1,40 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Rack::Throttle::PerMinute do
+  include Rack::Test::Methods
+
+  before do
+    def app
+      @target_app ||= example_target_app
+      @app ||= Rack::Throttle::PerMinute.new(@target_app, :max_per_minute => 3)
+    end
+  end
+
+  it "should be allowed if not seen this hour" do
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+
+  it "should be allowed if seen fewer than the max allowed per hour" do
+    2.times { get "/foo" }
+    last_response.body.should show_allowed_response
+  end
+
+  it "should not be allowed if seen more times than the max allowed per hour" do
+    4.times { get "/foo" }
+    last_response.body.should show_throttled_response
+  end
+
+  it "should be allowed if we are in a new minute" do
+    Time.stub!(:now).and_return(Time.local(2000,"jan",1,0,0,0))
+
+    4.times { get "/foo" }
+    last_response.body.should show_throttled_response
+
+    forward_one_minute = Time.now + 60
+    Time.stub!(:now).and_return(forward_one_minute)
+
+    get "/foo"
+    last_response.body.should show_allowed_response
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,49 @@
+# So that the installed throttle gem doesnt interfere
+$:.unshift(File.expand_path(File.dirname(__FILE__) + "/../lib"))
+
+require 'rubygems'
+require "spec"
+require 'spec/autorun'
+require "rack/test"
+require "rack/throttle"
+
+def example_target_app
+  @target_app ||= mock("Example Rack App")
+  @target_app.stub!(:call).and_return([200, {}, "Example App Body"])
+end
+
+Spec::Matchers.define :show_allowed_response do
+  match do |body|
+    body.include?("Example App Body")
+  end
+
+  failure_message_for_should do
+    "expected response to show the allowed response"
+  end
+
+  failure_message_for_should_not do
+    "expected response not to show the allowed response"
+  end
+
+  description do
+    "expected the allowed response"
+  end
+end
+
+Spec::Matchers.define :show_throttled_response do
+  match do |body|
+    body.include?("Rate Limit Exceeded")
+  end
+
+  failure_message_for_should do
+    "expected response to show the throttled response"
+  end
+
+  failure_message_for_should_not do
+    "expected response not to show the throttled response"
+  end
+
+  description do
+    "expected the throttled response"
+  end
+end