Added support for rate limit

thekrugers · Jul 11, 2015 · c598538 · c598538
1 parent 6a98701
commit c598538
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 1 deletion.
diff --git a/config-template.py b/config-template.py
@@ -14,6 +14,10 @@
 # Callback URI for OAuth
 #OAUTH_CALLBACK_URI = 'https://' + APP_DOMAIN + '/logged-in'
 
+# Sets a limit for how many requests can be performed in
+# an hour for a single keyid+ip pair
+#RATE_LIMIT = 4
+
 # Conditional setup example:
 #if TESTING:
 #    OAUTH_CALLBACK_URI = 'http://localhost:12080/logged-in'

diff --git a/main.py b/main.py
@@ -390,6 +390,23 @@ def get(self):
             keyid = authid[:authid.index(':')]
             password = authid[authid.index(':')+1:]
 
+
+            if settings.RATE_LIMIT > 0:
+
+                ratelimiturl = '/ratelimit?id=' + keyid + '&adr=' + self.request.remote_addr
+                ratelimit = memcache.get(ratelimiturl)
+
+                if ratelimit == None:
+                    memcache.add(key=ratelimiturl, value=1, time=60*60)
+                elif ratelimit > settings.RATE_LIMIT:
+                    logging.info('Rate limit response to: %s', keyid)
+                    self.response.headers['X-Reason'] = 'Too many request for this key, wait 60 minutes'
+                    self.response.set_status(503, 'Too many request for this key, wait 60 minutes')
+                    return
+                else:
+                    memcache.incr(ratelimiturl)
+
+
             cacheurl = '/refresh?id=' + keyid + '&h=' + hashlib.sha256(password).hexdigest()
 
             cached_res = memcache.get(cacheurl)

diff --git a/settings.py b/settings.py
@@ -21,7 +21,7 @@
 GD_CLIENT_SECRET='XXXXXXXXXXXXXXXXXXXX'
 HC_CLIENT_ID='XXXXXXXXXXXXXXXXXXXX'
 HC_CLIENT_SECRET='XXXXXXXXXXXXXXXXXXXX'
-
+RATE_LIMIT=0
 
 try:
     from config import WL_CLIENT_ID
@@ -56,6 +56,11 @@
 except ImportError:
     pass
 
+try:
+    from config import RATE_LIMIT
+except ImportError:
+    pass
+
 try:
     from config import TESTING
 except ImportError: