Added rate limiting to RESTful API
Added token bucket and timer to degrade token bucket Modified REST API rate limiting Changed limiting to only be on token create and v2 token create Added config options to choose time limits Passed HttpContext to the execute method of endpoints Made blocking failed API logins optional Changed error codes on failed login to be ambiguous Added config to decide whether all or failed logins are limited Changed config variable names Cleaned up duplicate code in REST rate limiting Fixed my typo Changed error 431 to 403
This commit is contained in:
George
parent
45e762abd2
commit
09a8f95a70
6 changed files with 135 additions and 50 deletions
|
|
@ -436,6 +436,15 @@ namespace TShockAPI
|
|||
[Description("The minimum password length for new user accounts. Minimum value is 4.")]
|
||||
public int MinimumPasswordLength = 4;
|
||||
|
||||
[Description("The maximum REST requests in the bucket before denying requests. Minimum value is 5.")]
|
||||
public int RESTMaximumRequestsPerInterval = 5;
|
||||
|
||||
[Description("How often in minutes the REST requests bucket is decreased by one. Minimum value is 1 minute.")]
|
||||
public int RESTRequestBucketDecreaseIntervalMinutes = 1;
|
||||
|
||||
[Description("Whether we should limit only the max failed login requests, or all login requests")]
|
||||
public bool RESTLimitOnlyFailedLoginRequests = true;
|
||||
|
||||
[Obsolete("This is being removed in future versions of TShock due to Terraria fixes.")]
|
||||
[Description("Enable the DCU. Very dangerous; can destroy world without consequence.")] public bool
|
||||
VeryDangerousDoNotChangeEnableDrillContainmentUnit = true;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue