themaster1970sf/TShock
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Added rate limiting to RESTful API

Browse source 
Added token bucket and timer to degrade token bucket

Modified REST API rate limiting

Changed limiting to only be on token create and v2 token create
Added config options to choose time limits
Passed HttpContext to the execute method of endpoints

Made blocking failed API logins optional

Changed error codes on failed login to be ambiguous
Added config to decide whether all or failed logins are limited

Changed config variable names

Cleaned up duplicate code in REST rate limiting

Fixed my typo

Changed error 431 to 403
This commit is contained in:
George 2015-09-23 00:58:27 +01:00
parent 45e762abd2
commit 09a8f95a70
6 changed files with 135 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

10
TShockAPI/Rest/RestCommand.cs
View file

@ -65,9 +65,9 @@ namespace Rests
get { return UriVerbs.Length > 0; }
}
public virtual object Execute(RestVerbs verbs, IParameterCollection parameters, IRequest request)
public virtual object Execute(RestVerbs verbs, IParameterCollection parameters, IRequest request, IHttpContext context)
{
return callback(new RestRequestArgs(verbs, parameters, request));
return callback(new RestRequestArgs(verbs, parameters, request, context));
}
}
@ -90,17 +90,17 @@ namespace Rests
{
}
public override object Execute(RestVerbs verbs, IParameterCollection parameters, IRequest request)
public override object Execute(RestVerbs verbs, IParameterCollection parameters, IRequest request, IHttpContext context)
{
return new RestObject("401") { Error = "Not authorized. The specified API endpoint requires a token." };
}
public object Execute(RestVerbs verbs, IParameterCollection parameters, SecureRest.TokenData tokenData, IRequest request)
public object Execute(RestVerbs verbs, IParameterCollection parameters, SecureRest.TokenData tokenData, IRequest request, IHttpContext context)
{
if (tokenData.Equals(SecureRest.TokenData.None))
return new RestObject("401") { Error = "Not authorized. The specified API endpoint requires a token." };
return callback(new RestRequestArgs(verbs, parameters, request, tokenData));
return callback(new RestRequestArgs(verbs, parameters, request, tokenData, context));
}
}
}