Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rate limiting counters for post endpoint #224

Closed
szymonpiekny opened this issue Jun 15, 2021 · 4 comments
Closed

Rate limiting counters for post endpoint #224

szymonpiekny opened this issue Jun 15, 2021 · 4 comments
Labels
routes

Comments

@szymonpiekny
Copy link

Hello,
I would report issue, I have configured rate limit for endpoint:
"Endpoint": "post:/api/clients"
It works fine for endpoint: https://localhost:5001/api/clients
but when I send request to the same endpont with '/' at the end: https://localhost:5001/api/clients**/** the rate limit is not working, I don't get headers in response related to rate limit eg. X-Rate-Limit-Limit, X-Rate-Limit-Remaining or X-Rate-Limit-Reset.
It should be stored under one counter, but it doesn't work now.
Could you look at this problem?
Thanks.
@szymonpiekny
Copy link
Author

Hello,
It doesn't work now for GET endpoint, I have configured rate limit for:
"Endpoint": "get:/api/clients",
but I don't get headers in response related to rate limit eg. X-Rate-Limit-Limit, X-Rate-Limit-Remaining or X-Rate-Limit-Reset.

I tried to configure it as below:
"Endpoint": "get:/api/clients/*",
but rate limit counts separately for every parameter, if i call the same endpoint with different parameter:
/api/clients/1 it will count from 100
/api/clients/2 it will count from 100

@cristipufu
Copy link
Collaborator

cristipufu commented Jun 15, 2021
edited

get:/api/clients/* is used as the counter key - so all endpoints that match this wildcard will count toward the same limit (this is the default behavior (https://github.com/stefanprodan/AspNetCoreRateLimit/blob/master/src/AspNetCoreRateLimit/CounterKeyBuilders/PathCounterKeyBuilder.cs).

If you want to specify a different behavior (https://github.com/stefanprodan/AspNetCoreRateLimit/blob/master/src/AspNetCoreRateLimit/CounterKeyBuilders/EndpointCounterKeyBuilder.cs), you need to implement a custom counter and override the default implementation, eg:

public class CustomRateLimitConfiguration : RateLimitConfiguration
{
    public override ICounterKeyBuilder EndpointCounterKeyBuilder { get; } = new EndpointCounterKeyBuilder();
}

@szymonpiekny
Copy link
Author

Ok, if I configured it as below:
{
"Endpoint": "get:/api/clients",
"Period": "5m",
"Limit": 100
}
It should return:
call get:/api/clients/1 99
call get:/api/clients/2 98

In current version you will not get headers related to rate limit.

@cristipufu
Copy link
Collaborator

get:/api/clients is a completely different endpoint than get:/api/clients/x.

If you want to rate limit endpoints like get:/api/clients/x to count towards the same limit, you need to:

  • Set the configuration as:
{
   "Endpoint": "get:/api/clients/*",
   "Period": "5m",
   "Limit": 100
}
  • Implement a custom configuration class:
public class CustomRateLimitConfiguration : RateLimitConfiguration
{
    public override ICounterKeyBuilder EndpointCounterKeyBuilder { get; } = new EndpointCounterKeyBuilder();
}
  • Inject the new configuration:
services.AddSingleton<IRateLimitConfiguration, CustomRateLimitConfiguration>();

XzaR90 pushed a commit to XzaR90/AspNetCoreRateLimit that referenced this issue Sep 16, 2021
@cristipufu @XzaR90
Fixes stefanprodan#224 path ending with slash
8ff6515
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
routes
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cristipufu @szymonpiekny