implement api limiting

2013-03-20 16:35:35 -07:00
parent 7470d189c3
commit 2ac22d07cd
7 changed files with 73 additions and 14 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -13,9 +13,16 @@ class ApplicationController < ActionController::Base

 protected
  def api_check
-    if CurrentUser.is_anonymous? && request.format.to_s =~ /json|xml/
-      render :text => "401 Not Authorized\n", :layout => false, :status => 401
-      return false
+    if request.format.to_s =~ /json|xml/
+      if CurrentUser.is_anonymous?
+        render :text => "401 Not Authorized\n", :layout => false, :status => 401
+        return false
+      end
+
+      if ApiLimiter.throttled?(request.remote_ip)
+        render :text => "421 User Throttled\n", :layout => false, :status => 421
+        return false
+      end
    end
    
    return true
--- a/app/logical/anonymous_user.rb
+++ b/app/logical/anonymous_user.rb
@@ -164,6 +164,10 @@ class AnonymousUser
  def enable_sequential_post_navigation
    true
  end
+  
+  def api_hourly_limit
+    500
+  end

  %w(member banned privileged builder platinum contributor janitor moderator admin).each do |name|
    define_method("is_#{name}?") do
--- a/app/logical/api_limiter.rb
+++ b/app/logical/api_limiter.rb
@@ -0,0 +1,9 @@
+module ApiLimiter
+  def throttled?(ip_addr)
+    key = "#{ip_addr}:#{Time.now.hour}"
+    MEMCACHE.fetch(key, 1.hour, true) {0}
+    MEMCACHE.incr(key).to_i > CurrentUser.user.api_hourly_limit
+  end
+  
+  module_function :throttled?
+end
--- a/app/logical/cache.rb
+++ b/app/logical/cache.rb
@@ -1,15 +1,11 @@
 class Cache
-  def self.incr(key, expiry = 0)
-    val = Cache.get(key, expiry)
-    Cache.put(key, val.to_i + 1)
+  def self.incr(key)
+    MEMCACHE.incr(key)
    ActiveRecord::Base.logger.debug('MemCache Incr %s' % [key])
  end

-  def self.decr(key, expiry = 0)
-    val = Cache.get(key, expiry)
-    if val.to_i > 0
-      Cache.put(key, val.to_i - 1)
-    end
+  def self.decr(key)
+    MEMCACHE.decr(key)
    ActiveRecord::Base.logger.debug('MemCache Decr %s' % [key])
  end

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -469,6 +469,16 @@ class User < ActiveRecord::Base
        20_000
      end
    end
+    
+    def api_hourly_limit
+      if is_platinum?
+        20_000
+      elsif is_privileged?
+        10_000
+      else
+        3_000
+      end
+    end
  end

  module ApiMethods