Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Log key when rate limit has been exceeded. #57

Merged
merged 2 commits into from
Jun 28, 2024
Merged

Log key when rate limit has been exceeded. #57

merged 2 commits into from
Jun 28, 2024

Conversation

popcorn
Copy link
Contributor

@popcorn popcorn commented Jun 28, 2024

Why?

I'd like to know the key for which the rate limit has been exceeded.

Test

I tested both for distributed: {} and without it.

Caddy JSON rate limit setup

{
  "handler": "rate_limit",
  "rate_limits": {
    "dynamic_example": {
      "key": "{http.request.host}",
      "window": "5m",
      "max_events": 2
    }
  },
  "storage": {
    "module": "redis",
    "address": [
      "localhost:6379"
    ],
    "username": "",
    "password": "",
    "db": 0,
    "timeout": "5",
    "key_prefix": "caddy-rate-limit",
    "encryption_key": "",
    "compression": false,
    "tls_enabled": false,
    "tls_insecure": true
  },
  "distributed": {}
}

Resulting logs (prettified)

{
  "level": "info",
  "ts": "2024-06-28T12:54:58.067Z",
  "logger": "http.handlers.rate_limit",
  "msg": "rate limit exceeded",
  "zone": "dynamic_example",
  "key": "localhost",
  "wait": 297.70859879,
  "remote_ip": "172.17.0.1"
}

I'm not an expert in Go so please let me know if this is good enough to merge.

Cheers!

@mholt
Copy link
Owner

mholt commented Jun 28, 2024

The change looks good, nice work. Although, my only concern is that it's possible for the key to contain sensitive information.

Caddy does have config options to redact certain fields, but its HTTP server, for example, redacts certain values by default (sensitive header fields for instance). I wonder if we should make this an opt-in thing. 🤔

@popcorn popcorn force-pushed the drago/log-key-when-rate-limit-exceeded branch 2 times, most recently from 8c23714 to d884263 Compare June 28, 2024 16:37
popcorn
popcorn commented Jun 28, 2024
View reviewed changes
README.md
@@ -82,10 +82,11 @@ This is an HTTP handler module, so it can be used wherever `http.handlers` modul
"window": "",
"max_events": 0
},
"storage": {},
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is in the wrong place.

@popcorn popcorn force-pushed the drago/log-key-when-rate-limit-exceeded branch from bebafce to 4595b8a Compare June 28, 2024 16:44
@popcorn
Copy link
Contributor Author

popcorn commented Jun 28, 2024

Good thinking @mholt.

I updated the code, squashed it into a single commit and pushed.

Also I run the tests with log_key not set, set to false and true. Works as expected.

Let me know what you think.

mholt
mholt requested changes Jun 28, 2024
View reviewed changes
Copy link
Owner

@mholt mholt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome, looks great! I just have one nit to reduce repetition. Let me know if you have questions/thoughts about it.

handler.go Outdated
Comment on lines 206 to 219
if h.LogKey {
h.logger.Info("rate limit exceeded",
zap.String("zone", zoneName),
zap.String("key", key),
zap.Duration("wait", wait),
zap.String("remote_ip", remoteIP),
)
} else {
h.logger.Info("rate limit exceeded",
zap.String("zone", zoneName),
zap.Duration("wait", wait),
zap.String("remote_ip", remoteIP),
)
}
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What you can do here instead to avoid duplication is logger := h.logger.With(...) and put all the basic fields in there. Then, do if h.LogKey { ... } where you can add the key like logger = h.With(zap.String("key")).

You could alternatively build a slice of zap fields instead of using logger.With().

Copy link
Contributor Author

@popcorn popcorn Jun 28, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Didn't know about that. Should be fixed now. Let me know if there's anything else.

@popcorn popcorn force-pushed the drago/log-key-when-rate-limit-exceeded branch from f0bb470 to 17db5bf Compare June 28, 2024 17:06
mholt
mholt approved these changes Jun 28, 2024
View reviewed changes
Copy link
Owner

@mholt mholt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Excellent. Nice work! Thank you

@popcorn
Copy link
Contributor Author

popcorn commented Jun 28, 2024

Cool! Do I need to do anything else in order for this to get merged?

@mholt mholt merged commit d896102 into mholt:master Jun 28, 2024
3 checks passed
@mholt
Copy link
Owner

mholt commented Jun 28, 2024

Nope. :)

@popcorn
Copy link
Contributor Author

popcorn commented Jun 28, 2024

Amazing, my first code contribution to Caddy 🤠

Cheers!

@mholt
Copy link
Owner

mholt commented Jun 28, 2024

Congrats!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mholt mholt mholt approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@popcorn @mholt