Merge pull request #26 from zhanknight/rate_limiting

Add rate limiting to API
zhanknight · Nov 8, 2023 · ff0335a · ff0335a
2 parents c038b67 + 955385e
commit ff0335a
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 0 deletions.
diff --git a/TacoPoetry.API/TacoPoetry.API/Controllers/AuthorsController.cs b/TacoPoetry.API/TacoPoetry.API/Controllers/AuthorsController.cs
@@ -1,11 +1,13 @@
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.RateLimiting;
 using TacoPoetry.API.Models;
 using TacoPoetry.API.Services.Interfaces;
 
 namespace TacoPoetry.API.Controllers;
 
 [ApiController]
 [Route("[controller]")]
+[EnableRateLimiting("slidingWindow")]
 public class AuthorsController : ControllerBase
 {
     private readonly ILogger<AuthorsController> _logger;

diff --git a/TacoPoetry.API/TacoPoetry.API/Controllers/ContentController.cs b/TacoPoetry.API/TacoPoetry.API/Controllers/ContentController.cs
@@ -1,11 +1,14 @@
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.RateLimiting;
 using TacoPoetry.API.Models;
 using TacoPoetry.API.Services.Interfaces;
 
 namespace TacoPoetry.API.Controllers;
 
 [ApiController]
 [Route("[controller]")]
+[EnableRateLimiting("slidingWindow")]
+
 public class ContentController : ControllerBase
 {
     private readonly ILogger<ContentController> _logger;

diff --git a/TacoPoetry.API/TacoPoetry.API/Controllers/TagsController.cs b/TacoPoetry.API/TacoPoetry.API/Controllers/TagsController.cs
@@ -1,11 +1,14 @@
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.RateLimiting;
 using TacoPoetry.API.Models;
 using TacoPoetry.API.Services.Interfaces;
 
 namespace TacoPoetry.API.Controllers;
 
 [ApiController]
 [Route("[controller]")]
+[EnableRateLimiting("slidingWindow")]
+
 public class TagsController : ControllerBase
 {
     private readonly ILogger<TagsController> _logger;

diff --git a/TacoPoetry.API/TacoPoetry.API/Program.cs b/TacoPoetry.API/TacoPoetry.API/Program.cs
@@ -1,4 +1,7 @@
+using Microsoft.AspNetCore.RateLimiting;
 using Microsoft.EntityFrameworkCore;
+using System.Globalization;
+using System.Threading.RateLimiting;
 using TacoPoetry.API.Contexts;
 using TacoPoetry.API.Services;
 using TacoPoetry.API.Services.Interfaces;
@@ -20,8 +23,36 @@
 
 builder.Services.AddSwaggerGen();
 
+builder.Services.AddRateLimiter(opt =>
+{
+    opt.OnRejected = (context, _) =>
+        {
+        if (context.Lease.TryGetMetadata(MetadataName.RetryAfter, out var retryAfter))
+            {
+                context.HttpContext.Response.Headers.RetryAfter =
+                    ((int)retryAfter.TotalSeconds).ToString(NumberFormatInfo.InvariantInfo);
+            }
+
+        context.HttpContext.Response.StatusCode = StatusCodes.Status429TooManyRequests;
+        context.HttpContext.Response.WriteAsync("Too many requests. Please try again later.");
+
+        return new ValueTask();
+        };
+
+    opt.AddSlidingWindowLimiter(policyName: "slidingWindow", options =>
+        {
+        options.PermitLimit = 4;
+        options.Window = TimeSpan.FromSeconds(10);
+        options.SegmentsPerWindow = 2;
+        options.QueueProcessingOrder = QueueProcessingOrder.OldestFirst;
+        options.QueueLimit = 3;
+        });
+});
+
 var app = builder.Build();
 
+app.UseRateLimiter();
+
 app.MapHealthChecks("/healthytaco");
 
 // Configure the HTTP request pipeline.