Comments (1)
Through a series of monkeypatches, I've achieved the behavior I'm looking for. Hopefully this can do a decent job of explaining my use case. This allows me to use it in a controller like:
```ruby
def show
  if limiter.at_limit?(request)
    @warning_message = "Attempts exceeded."
    @challenge = new_captcha_form
  end
end

def create
  if limiter.matched_by?(request)
    validate_captcha
  end
  rest_of_the_action
end

def limiter
  limiter = Rack::Attack.track("requests from bucket", limit: 5, period: 3600) do |req|
    bucket
  end
end
```
monkeypatch:
```ruby
Rack::Attack::Configuration.class_eval do
  # nop'd because otherwise all Rack::Attack::Throttles are incremented
  # even if the gated functionality is never exercised
  def tracked?(request)
  end
end

Rack::Attack::Cache.class_eval do
  def get_count(unprefixed_key, period)
    enforce_store_presence!
    enforce_store_method_presence!(:read)
    key, expires_in = key_and_expiry(unprefixed_key, period)
    result = store.read(key)
    result || 0
  end
end

Rack::Attack::Track.class_eval do
  def at_limit?(request)
    filter.at_limit?(request)
  end
end

Rack::Attack::Throttle.class_eval do
  def at_limit?(request)
    discriminator = discriminator_for(request)
    return false unless discriminator
    current_period = period_for(request)
    current_limit = limit_for(request)
    count = cache.get_count("#{name}:#{discriminator}", current_period)
    count > current_limit
  end
end
```
from rack-attack.
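
The read-without-increment check from the comment above, modeled with an in-memory counter as an added example (not code from the comment or from rack-attack; `PeekableWindowCounter`, `record`, `peek` and the sample buckets are hypothetical). It shows that viewing the form leaves the count at zero and that the `count > limit` comparison first reports true on the sixth recorded attempt.

```ruby
# In-memory stand-in for a fixed-window throttle counter (illustration only).
# PeekableWindowCounter, record and peek are hypothetical names, not rack-attack API.
class PeekableWindowCounter
  def initialize(limit:, period:, clock: -> { Time.now.to_i })
    @limit, @period, @clock = limit, period, clock
    @store = Hash.new(0) # old windows are never evicted here; a real store expires them
  end

  # Called only when the gated action actually runs (the `create` path).
  def record(discriminator)
    @store[key_for(discriminator)] += 1
  end

  # Read-only lookup: checking the limit must not consume an attempt.
  def peek(discriminator)
    @store.fetch(key_for(discriminator), 0)
  end

  # Same comparison as the patch: true only once the count exceeds the limit.
  def at_limit?(discriminator)
    return false unless discriminator
    peek(discriminator) > @limit
  end

  private

  # Fixed window: the window index is part of the key, so the count starts
  # from zero in the next period without an explicit reset.
  def key_for(discriminator)
    "#{@clock.call / @period}:#{discriminator}"
  end
end

# Walks one bucket through page views, attempts and a window rollover (constructed data).
def demo
  now = 7_200 # constructed timestamp at the start of a window
  counter = PeekableWindowCounter.new(limit: 5, period: 3600, clock: -> { now })
  results = {}
  10.times { counter.at_limit?("bucket-a") } # form views only, nothing recorded
  results[:after_views] = counter.peek("bucket-a")
  5.times { counter.record("bucket-a") }
  results[:at_five] = counter.at_limit?("bucket-a")
  counter.record("bucket-a")
  results[:at_six] = counter.at_limit?("bucket-a")
  results[:other_bucket] = counter.at_limit?("bucket-b")
  now += 3600 # move the clock into the next window
  results[:next_window] = counter.at_limit?("bucket-a")
  results
end
```

With a limit of 5, the challenge would first appear after the sixth recorded attempt, because the comparison is strictly greater-than.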