sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-03-25 09:25:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
195 commits 1 branch 0 tags 1.1 MiB
Commit graph

66 commits

Author SHA1 Message Date
blahed
97dce48bfc add throttle discriminator to rack env 2014-05-01 22:20:13 -04:00
Aaron Suggs
430672d8f4 Update changelog for v4.0.0 2014-04-28 15:45:13 -04:00
hakanensari
5d72c6e5f9 Move individual proxy classes to separate files 2014-04-15 16:19:43 +01:00
hakanensari
f0a53f474e Stub #with on delegator 2014-04-09 13:15:00 +01:00
hakanensari
937cd3ca20 Merge branch 'master' into patch-3 2014-04-09 12:17:10 +01:00
hakanensari
1c0bc3da4d Merge branch 'patch-2' into patch-3 
Conflicts:
	lib/rack/attack/store_proxy.rb
 2014-04-09 12:16:16 +01:00
Aaron Suggs
66231dc5b2 v3.1.0 2014-04-04 16:16:31 -04:00
Tristan Dunn
16f1cfc578 Add a custom request class to allow for helper methods. 
Fixes #58.
 2014-04-04 14:41:59 -05:00
Aaron Suggs
ea09a49538 Merge pull request #54 from stevehodgkiss/dont_override_new_and_return_a_class 
Rack::Attack.new should return an instance of a class, not the Rack::Attack constant
 2014-04-03 22:37:05 -04:00
Steve Hodgkiss
93421efa5a Tidy up defaults. We don't need to use ||= because this runs when the class gets loaded, and we won't have user supplied defaults yet. 2014-04-02 17:12:28 +11:00
Steve Hodgkiss
332dd4ff9e Delegate to class methods with forwardable 2014-04-02 17:08:46 +11:00
hakanensari
92be2791ab Handle older Dalli clients 2014-04-01 12:23:10 +01:00
hakanensari
128c5aa9bf Support a Dalli Connection Pool 2014-04-01 12:10:32 +01:00
hakanensari
adab844784 Support older dalli client versions 2014-04-01 11:21:14 +01:00
Steve Hodgkiss
c3a077442a Make Rack::Attack a class and Rack::Attack.new return an instance of that class, rather than Rack::Attack. 2014-03-28 14:53:51 +11:00
hakanensari
a7ec48fb44 Implement Proxy for Dalli 
kickstarter/rack-attack#52
 2014-03-26 21:54:12 +00:00
Aaron Suggs
7c6cead69c Version 3.0.0; update changelog 2014-03-15 08:01:55 -04:00
Will Kimeria
87f628d0c1 If redis client throws exception, don't raise it 
For throttling, when the redis client throws an exception, the request
ends up getting rate limited. Modify this to be similar to how
ActiveSupport.MemCacheStore functions (the read, write and increment
methods do not raise exceptions)
 2014-03-14 11:50:59 -07:00
Carsten Zimmermann
1095f85242 Change response body to 'Forbidden' 2014-02-06 23:29:44 +01:00
Carsten Zimmermann
97a43f7e66 Return 403 Forbidden instead of 401 
401 Unauthorized suggests that the requests can be
retried with appropriate credentials. 403 explicitly
states that the request should not be repeated.

See #41
 2014-02-06 21:32:51 +01:00
Jordan Moncharmont
273e045f10 fix edge case, if maxretry is 1, let them get 1 request in 2013-09-27 17:35:01 -07:00
Jordan Moncharmont
ef59c5182a Allow2Ban 
An alternate to fail2ban that allows clients until they hit the
thresholds, then blocks them.  Think of it like a throttle where you can
block for more than one period.
 2013-09-27 17:18:52 -07:00
Aaron Suggs
1d367f5acd version 2.3.0, update changelog, copy tweaks 2013-08-20 11:39:44 -04:00
Pedro Nascimento
ab6d7b239d Allow limit option to be a proc. 
This allows you to do stuff like:
`req.env["USER"] == "god" ? 1000 : 1`
 2013-08-19 19:47:48 -03:00
Aaron Suggs
98eec24a8c Update changelog, version 2.2.1 2013-08-05 21:14:16 -04:00
Alex Volkovitsky & Sachin Maharjan
cfbee2c552 Use correct HTTP status codes for blackist and throttle 2013-06-28 10:55:28 -07:00
Aaron Suggs
9388e98eb0 version 2.2.0 2013-06-20 11:05:00 -04:00
Aaron Suggs
24143dd195 Cleanup whitespace 2013-06-20 10:19:56 -04:00
madlep
2819e0d7a4 collapse fail2ban name/discriminator into one argument 2013-06-17 08:50:39 +10:00
madlep
94a304b815 reorder logic to not repeatedly extend ban after more failed requests 2013-06-14 12:49:53 +10:00
madlep
3f1c98a868 Fail2Ban helper 
based on gist from @ktheory https://gist.github.com/ktheory/5723534

Modified slightly to use fail2ban `filter` terminology to simplify
Rack::Attack initializer configuration (only one block is requred for
this approach instead of 2)
 2013-06-12 15:51:13 +10:00
madlep
6c259ea9be delegate Redis custom logic to StoreProxy 
this removes ugly `if redis blah` code from cache
 2013-06-12 15:03:39 +10:00
madlep
22fc386bad add read/write methods to cache 2013-06-12 15:03:24 +10:00
Aaron Suggs
d1cf2a2eea bump to version 2.1.1 2013-05-16 14:24:41 -04:00
Han Chang
2a91eb6c55 Fix #14 2013-05-10 22:08:31 +00:00
Aaron Suggs
22f051fa2d Merge pull request #10 from vipulnsward/mandatory_options 
extract mandatory options constant
 2013-05-03 07:41:02 -07:00
Vipul A M
7f3a24022b extract mandatory options constant 2013-05-03 09:25:43 +05:30
Vipul A M
709a2331c0 Remove unused var 2013-05-03 09:19:09 +05:30
Vipul A M
d3a9667474 Fix typos 2013-05-03 00:55:23 +05:30
Aaron Suggs
917d47758e Add newlines to default responses 2013-03-04 21:06:15 -05:00
Aaron Suggs
1c01e6097c bump to version 2.1.0 2013-02-25 22:39:11 -05:00
Aaron Suggs
cf508e1d18 Support RedisStore as cache store 
Add tests for different cache stores
 2013-02-25 12:09:59 -05:00
Aaron Suggs
27a13f6971 Clarify algorithm 2013-01-17 12:06:16 -05:00
Aaron Suggs
0ca7b8cfac whitespace 2013-01-17 12:06:16 -05:00
Aaron Suggs
3bcb453464 Version 2.0.0 2013-01-11 14:41:27 -05:00
Aaron Suggs
b577dae1c0 use each_value instead of each 2013-01-11 14:32:20 -05:00
Aaron Suggs
80367e1e4a Add Rack::Attack.track. 
track will fire notifications, but not alter request processing
 2013-01-10 19:02:49 -05:00
Aaron Suggs
eeb238b78d Use autoload instead of require 2013-01-10 18:36:31 -05:00
Aaron Suggs
5b864ca3d1 version bump 1.3.2 2012-08-15 18:16:12 -04:00
Aaron Suggs
f7a1eac521 Cache key time must be a fixnum 2012-08-15 18:16:12 -04:00