Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wsgi: Middleware for delaying and rejecting requests #7

Closed
underyx opened this issue May 30, 2019 · 1 comment · Fixed by #12
Closed

wsgi: Middleware for delaying and rejecting requests #7

underyx opened this issue May 30, 2019 · 1 comment · Fixed by #12
Assignees
@paveldedik
Milestone
0.2.0

Comments

@underyx
Copy link
Contributor

underyx commented May 30, 2019
edited
Loading

Behavior

Based on system clock, do the following:

Before July 24th 13:00 UTC

Nothing.

After July 24th 13:00 UTC

Upon request, start counting request time.

Upon successful response, if the request didn't have a KW-RFC-22 compliant User-Agent header, sleep for as long as the request took, to double the response time.

After August 1st 13:00 UTC

Upon request, if the request didn't have a KW-RFC-22 compliant User-Agent header, return an HTTP 400 error explaining the User-Agent requirements.

Implementation

I recommend using https://docs.pylonsproject.org/projects/webob/en/stable/api/dec.html#webob.dec.wsgify.middleware here.

We should make the following configurable:

  • the cutoff datetimes, so we can test on a smaller batch of services

We should document the following clearly:

  • if sleep is blocking in the users' app, this could introduce overloading for their service
@underyx underyx changed the title wsgi: MIddleware for delaying and rejecting requests wsgi: Middleware for delaying and rejecting requests May 30, 2019
@underyx underyx mentioned this issue May 30, 2019
Closed
@underyx underyx added this to the 0.2.0 milestone May 30, 2019
@paveldedik paveldedik self-assigned this Jun 5, 2019
@paveldedik
Copy link
Contributor

paveldedik commented Jun 5, 2019
edited
Loading

OK, so my idea for this is something like this:

USER_AGENT_RE = re.compile(
    r"^(?P<name>\S.+?)\/(?P<version>\S.+?) \(Kiwi\.com (?P<environment>\S.+?)\)(?: ?(?P<system_info>.*))$"
)

@wsgify.middleware
def restrict_user_agent(req, app):
    if not USER_AGENT_RE.match(req.user_agent):
        return webob.exc.HTTPForbidden("Bad User-Agent: see Kiwi.com RFC #22")
    return app


@wsgify.middleware
def slowdown_requests(req, app):
    if USER_AGENT_RE.match(req.user_agent):
        return app

    now = time.time()
    resp = req.get_response(app)
    seconds = time.time() - now
    time.sleep(seconds)
    return resp

In case of flask, we can add the middlewares like this:

app = Flask(__name__)

app.wsgi_app = slowdown_requests(app.wsgi_app)

app.run()

Now the question is, if it's better to have one middleware which slowdowns/refuses requests based on the time, or have several of them which are picked when the app is started (this can be a problem as the middleware won't be applied until the app workers are restarted).

I think creating one middleware is the better option.

paveldedik added a commit that referenced this issue Jun 7, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
b0e39dd 
- Fix #7
paveldedik added a commit that referenced this issue Jun 7, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
1a614e2 
- Fix #7
paveldedik added a commit that referenced this issue Jun 7, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
c7de13d 
- Fix #7
paveldedik added a commit that referenced this issue Jun 7, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
ae6194b 
- Fix #7
@paveldedik paveldedik mentioned this issue Jun 7, 2019
Merged
paveldedik added a commit that referenced this issue Jun 7, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
8768f1a 
- Fix #7
paveldedik added a commit that referenced this issue Jun 10, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
148d7a8 
- Fix #7
paveldedik added a commit that referenced this issue Jun 11, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
8f5d1e9 
- Fix #7
paveldedik added a commit that referenced this issue Jun 13, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
1e8f428 
- Fix #7
paveldedik added a commit that referenced this issue Jun 13, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
0ef5a16 
- Fix #7
paveldedik added a commit that referenced this issue Jun 14, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
b6ea5a6 
- Fix #7
paveldedik added a commit that referenced this issue Jun 14, 2019
@paveldedik
wsgi: Add middleware for delaying and rejecting requests
66fa7d8 
- Fix #7
paveldedik added a commit that referenced this issue Jun 24, 2019
@paveldedik @underyx
wsgi: Add middleware for delaying and rejecting requests
0c7146f 
- Fix #7

Co-Authored-By: Bence Nagy <bence@underyx.me>
paveldedik added a commit that referenced this issue Jun 26, 2019
@paveldedik @underyx
wsgi: Add middleware for delaying and rejecting requests
350b865 
- Fix #7

Co-Authored-By: Bence Nagy <bence@underyx.me>
underyx added a commit that referenced this issue Jun 26, 2019
@paveldedik @underyx
wsgi: Add middleware for delaying and rejecting requests
361d0d2 
- Fix #7

Co-Authored-By: Bence Nagy <bence@underyx.me>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@paveldedik paveldedik

Labels
None yet
Projects
None yet
Milestone
0.2.0
Development

Successfully merging a pull request may close this issue.

wsgi: Add middleware for delaying and rejecting requests kiwicom/kiwi-platform-py
2 participants
@underyx @paveldedik