Documentation
¶
Index ¶
- func EchoMiddleware(limiter Interface, class string) echo.MiddlewareFunc
- func HTTPMiddleware(limiter Interface, class string) func(http.Handler) http.Handler
- func Require(limiter Interface, resource Resource) error
- func StreamServerInterceptor(limiter Interface) grpc.StreamServerInterceptor
- func UnaryServerInterceptor(limiter Interface) grpc.UnaryServerInterceptor
- type Config
- type Interface
- type MemoryConfig
- type NoopRateLimiter
- type Profile
- type Resource
- func ApplicationAcceptMQTTConnectionResource(remoteAddr string) Resource
- func ApplicationMQTTDownResource(ctx context.Context, ids ttnpb.ApplicationIdentifiers, authTokenID string) Resource
- func ApplicationWebhooksDownResource(ctx context.Context, ids ttnpb.EndDeviceIdentifiers, authTokenID string) Resource
- func GatewayAcceptMQTTConnectionResource(remoteAddr string) Resource
- func GatewayUDPTrafficResource(addr *net.UDPAddr) Resource
- func GatewayUpResource(ctx context.Context, ids ttnpb.GatewayIdentifiers) Resource
- func NewCustomResource(key string, classes ...string) Resource
- type Result
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EchoMiddleware ¶
EchoMiddleware is an Echo middleware that rate limits HTTP requests by remote IP and request URL.
func HTTPMiddleware ¶
HTTPMiddleware is an HTTP middleware that rate limits by remote IP and the request URL. The remote IP is retrieved by the X-Real-IP header. Use this middleware after webmiddleware.ProxyHeaders()
func StreamServerInterceptor ¶
func StreamServerInterceptor(limiter Interface) grpc.StreamServerInterceptor
StreamServerInterceptor is a grpc.StreamServerInterceptor that rate limits new gRPC requests and messages sent by the client. If the X-Real-IP header is not set, it is assumed that the gRPC request originates from the cluster, and no rate limits are enforced.
func UnaryServerInterceptor ¶
func UnaryServerInterceptor(limiter Interface) grpc.UnaryServerInterceptor
UnaryServerInterceptor returns a gRPC unary server interceptor that rate limits incoming gRPC requests. If the X-Real-IP header is not set, it is assumed that the request originates from the cluster, and no rate limits are enforced.
Types ¶
type Config ¶
type Config struct {
Memory MemoryConfig `name:"memory" description:"In-memory rate limiting store configuration"`
Profiles []Profile `name:"profiles" description:"Rate limiting profiles"`
}
Config represents configuration for rate limiting.
type Interface ¶
type Interface interface {
// RateLimit limits access on a Resource.
//
// The RateLimit operations returns true if the rate limit for the requested resource has been exceeded, along
// with metadata for the rate limiting operation.
RateLimit(resource Resource) (limit bool, result Result)
}
Interface can be used to rate limit access to a Resource.
type MemoryConfig ¶
type MemoryConfig struct {
MaxSize uint `name:"max-size" description:"Maximum store size for the rate limiter"`
}
MemoryConfig represents configuration for the in-memory rate limiting store.
type NoopRateLimiter ¶
type NoopRateLimiter struct{}
NoopRateLimiter does not enforce any rate limits.
type Profile ¶
type Profile struct {
Name string `name:"name" description:"Rate limiting class name"`
MaxRatePerMin uint `name:"max-rate-per-min" description:"Maximum allowed rate per minute"`
MaxBurst uint `name:"max-burst" description:"Maximum rate allowed for short bursts"`
Associations []string `name:"associations" description:"List of classes to apply this profile on"`
}
Profile represents configuration for a rate limiting class.
type Resource ¶
type Resource interface {
// Key represents the unique identifier for the resource.
Key() string
// Classes represents the rate limiting classes for the resource. A resource may
// belong in multiple classes. The limiter instance will limit access to the resource
// based on the limits of the first class that matches the configuration. If no
// class is matched, the limiter instance can fallback to a default rate limit.
Classes() []string
}
Resource represents an entity on which rate limits apply.
func ApplicationAcceptMQTTConnectionResource ¶
ApplicationAcceptMQTTConnectionResource represents a new MQTT client connection from a remote IP address.
func ApplicationMQTTDownResource ¶
func ApplicationMQTTDownResource(ctx context.Context, ids ttnpb.ApplicationIdentifiers, authTokenID string) Resource
ApplicationMQTTDownResource represents downlink traffic for an application from an MQTT client.
func ApplicationWebhooksDownResource ¶
func ApplicationWebhooksDownResource(ctx context.Context, ids ttnpb.EndDeviceIdentifiers, authTokenID string) Resource
ApplicationWebhooksDownResource represents downlink traffic for an application from a webhook.
func GatewayAcceptMQTTConnectionResource ¶
GatewayAcceptMQTTConnectionResource represents a new MQTT gateway connection from a remote address.
func GatewayUDPTrafficResource ¶
GatewayUDPTrafficResource represents UDP gateway traffic from a remote IP address.
func GatewayUpResource ¶
func GatewayUpResource(ctx context.Context, ids ttnpb.GatewayIdentifiers) Resource
GatewayUpResource represents uplink traffic from a gateway.
func NewCustomResource ¶
NewCustomResource returns a new resource. It is used internally by other components.
type Result ¶
Result contains rate limiting metadata.
func (Result) GRPCHeaders ¶
GRPCHeaders returns gRPC headers from a rate limiting result.
func (Result) SetHTTPHeaders ¶
SetHTTPHeaders sets HTTP headers from a rate limiting result.
Source Files