rate limits: adjust limits for various actions.

* Tie rate limits to both the user's ID and their IP address.

* Make each endpoint have separate rate limits. This means that, for
  example, your post edit rate limit is separate from your post vote
  rate limit. Before, all write actions had a shared rate limit.

* Make all write endpoints have rate limits. Before, some endpoints, such
  as voting, favoriting, commenting, or forum posting, weren't subject
  to rate limits.

* Add stricter rate limits for some endpoints:

** 1 per 5 minutes for creating new accounts.
** 1 per minute for login attempts, changing your email address, or
   for creating mod reports.
** 1 per minute for sending dmails, creating comments, creating forum
   posts, or creating forum topics.
** 1 per second for voting, favoriting, or disapproving posts.
** These rate limits all have burst factors high enough that they
   shouldn't affect normal, non-automated users.

* Raise the default write rate limit for Gold users from 2 per second to
  4 per second, for all other actions not listed above.

* Raise the default burst factor to 200 for all other actions not listed
  above. Before, it was 10 for Members, 30 for Gold, and 60 for Platinum.

evazion
2021-03-05 04:50:37 -06:00
parent 4492610dfe
commit 413cd34c45
15 changed files with 55 additions and 49 deletions

@@ -464,26 +464,12 @@ class User < ApplicationRecord
# regen this amount per second
def api_regen_multiplier(level)
if level >= User::Levels::PLATINUM
if level >= User::Levels::GOLD
4
elsif level == User::Levels::GOLD
2
else
1
end
end
# can make this many api calls at once before being bound by
# api_regen_multiplier refilling your pool
def api_burst_limit(level)
if level >= User::Levels::PLATINUM
60
elsif level == User::Levels::GOLD
30
else
10
end
end
end
def max_saved_searches
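Review bot: With `api_burst_limit(level)` removed from this class, the replacement burst value is not visible anywhere in this hunk, and the commit message puts the new default at 200 for every level, which takes Members from 10 to 200. Please point to where that default now lives, define it as a named constant rather than a literal, and confirm that every write endpoint likely to be abused by automation has one of the stricter per-endpoint limits, since anything left on the default can now issue 200 writes before throttling starts. Separately, `api_regen_multiplier` now returns 4 for everything at `level >= User::Levels::GOLD`, so the "regen this amount per second" comment should say that Gold and Platinum share a rate.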
@@ -534,10 +520,6 @@ class User < ApplicationRecord
User.api_regen_multiplier(level)
end
def api_burst_limit
User.api_burst_limit(level)
end
def statement_timeout
User.statement_timeout(level)
end
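Review bot: Removing the instance method `api_burst_limit` will raise NoMethodError in any caller that still references it, and nothing in this hunk shows that the callers were updated. Please check the other changed files for remaining uses of `user.api_burst_limit` (views, API attribute lists, tests), and if the value was ever included in API responses, mention its removal in the commit message so client authors know the field is gone.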