Skip to content

Commit

Permalink
backend: add rate limitation using actix-governor. fix #16
Browse files Browse the repository at this point in the history
  • Loading branch information
ffreddow committed Dec 16, 2024
1 parent 1483c2d commit 6f7a5e8
Show file tree
Hide file tree
Showing 2 changed files with 62 additions and 0 deletions.
50 changes: 50 additions & 0 deletions backend/src/key_extractor.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
/* esp32-remote-access
* Copyright (C) 2024 Frederic Henrichs <[email protected]>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/

use actix_governor::{KeyExtractor, SimpleKeyExtractionError};

/**
* The struct used to extract ip for ratelimiting
*/
#[derive(Clone)]
pub struct Extractor;

impl KeyExtractor for Extractor {
type Key = String;
type KeyExtractionError = SimpleKeyExtractionError<&'static str>;

fn extract(&self, req: &actix_web::dev::ServiceRequest) -> Result<Self::Key, Self::KeyExtractionError> {
let info = req.connection_info();
if let Some(ip) = info.realip_remote_addr() {
Ok(ip.to_string())
} else {
Err(SimpleKeyExtractionError::new("Invalid real IP"))
}
}

fn name(&self) -> &'static str {
"KeyExtractor"
}
}

impl Extractor {
pub fn new() -> Self {
Self
}
}
12 changes: 12 additions & 0 deletions backend/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
*/

mod monitoring;
mod key_extractor;

use std::{
collections::HashMap,
Expand All @@ -26,12 +27,14 @@ use std::{
time::Duration,
};

use actix_governor::{Governor, GovernorConfigBuilder};
use backend::utils::get_connection;
pub use backend::*;

use actix_web::{middleware::Logger, web, App, HttpServer};
use db_connector::{get_connection_pool, run_migrations, Pool};
use diesel::prelude::*;
use key_extractor::Extractor;
use lettre::{transport::smtp::authentication::Credentials, SmtpTransport};
use simplelog::{ColorChoice, CombinedLogger, Config, LevelFilter, TermLogger, TerminalMode};
use udp_server::packet::{
Expand Down Expand Up @@ -167,11 +170,20 @@ async fn main() -> std::io::Result<()> {

udp_server::start_server(bridge_state.clone()).unwrap();

// Config for rate limitation
let governor_config = GovernorConfigBuilder::default()
.key_extractor(Extractor::new())
.requests_per_second(2)
.burst_size(20)
.finish()
.unwrap();

HttpServer::new(move || {
let cors = actix_cors::Cors::permissive();
App::new()
.wrap(cors)
.wrap(Logger::default())
.wrap(Governor::new(&governor_config))
.app_data(state.clone())
.app_data(bridge_state.clone())
.configure(routes::configure)
Expand Down

0 comments on commit 6f7a5e8

Please sign in to comment.