[10.x] Custom RateLimiter increase #50197
Conversation
driesvints
changed the title
|
Is adding an optional third parameter |
|
I see the need here, but is method names like |
|
Do you have a suggestion you think is clearer? |
I would suggest This way we don`t have two ambiguous method names but just kind of "expand" the existing one |
|
Hey, trying to understand how the new RateLimiter::for('api', function (Request $request) {
return Limit::perMinute(5)->by($request->user()?->id ?: $request->ip());
});What would be the key for the increment method now? Or do you know if this only works when used like this? if (RateLimiter::tooManyAttempts('send-message:'.$user->id, $perMinute = 5)) {
return 'Too many attempts!';
}
RateLimiter::hit('send-message:'.$user->id); |
|
I have only ever used it in the second way you show here so I would say that right now it only works when used that way yes. |
|
Ok, thanks, I thought so, too, since this was the only way I made it work. Still great work 👍 |
7 participants
Context
Sometimes a rate limit doesn't map directly to an increase of 1 at a time. Some examples would be:
For such rate limits today, the only available options via the
RateLimiterclass would be to loop and call->hitfor as many times as we want to increment.This becomes impractical when the number we want to increment by increases since each
hitrequires updating a cache server.Where do we use this?
At Square, we use a mechanism in queued jobs where we give higher / lower priority to certain users depending how much compute they've used across multiple jobs.
That is decided by counting the time spent across all queue workers up to a given limit over time. So rate limiting based not on each 1 job counting for 1 but instead counting for how many milliseconds were spent on the job.
So for a job running in 250ms, it would be easier to increment the number of attempts by 250 directly.
Proposal
Introduce additional
incrementpublic method on theRateLimiterclass to enable incrementing by a custom amount.