Class: Rack::Attack

Inherits:

Object

• Object
• Rack::Attack

Extended by:

Forwardable

Defined in:

lib/rack/attack/cache.rb,
lib/rack/attack/check.rb,
lib/rack/attack/track.rb,
lib/rack/attack/request.rb,
lib/rack/attack/version.rb,
lib/rack/attack/fail2ban.rb,
lib/rack/attack/safelist.rb,
lib/rack/attack/throttle.rb,
lib/rack/attack/allow2ban.rb,
lib/rack/attack/blocklist.rb,
lib/rack/attack/store_proxy.rb,
lib/rack/attack/path_normalizer.rb,
lib/rack/attack/store_proxy/dalli_proxy.rb,
lib/rack/attack/store_proxy/mem_cache_proxy.rb,
lib/rack/attack/store_proxy/redis_store_proxy.rb,
lib/rack/attack.rb

Defined Under Namespace

Modules: FallbackPathNormalizer, StoreProxy Classes: Allow2Ban, Blocklist, Cache, Check, Fail2Ban, Request, Safelist, Throttle, Track

Constant Summary

VERSION =

'5.0.1'

PathNormalizer =

if defined?(::ActionDispatch::Journey::Router::Utils)
  # For Rails 4+ apps
  ::ActionDispatch::Journey::Router::Utils
elsif defined?(::Journey::Router::Utils)
  # for Rails 3.2
  ::Journey::Router::Utils
else
  FallbackPathNormalizer
end

Class Attribute Summary

• .blocklisted_response ⇒ Object

  Returns the value of attribute blocklisted_response.

• .notifier ⇒ Object

  Returns the value of attribute notifier.

• .throttled_response ⇒ Object

  Returns the value of attribute throttled_response.

Class Method Summary

• .blacklist(name, &block) ⇒ Object
• .blacklisted?(req) ⇒ Boolean
• .blacklisted_response ⇒ Object
• .blacklisted_response=(res) ⇒ Object
• .blacklists ⇒ Object
• .blocklist(name, &block) ⇒ Object
• .blocklisted?(req) ⇒ Boolean
• .blocklists ⇒ Object
• .cache ⇒ Object
• .clear! ⇒ Object
• .instrument(req) ⇒ Object
• .safelist(name, &block) ⇒ Object
• .safelisted?(req) ⇒ Boolean
• .safelists ⇒ Object
• .throttle(name, options, &block) ⇒ Object
• .throttled?(req) ⇒ Boolean
• .throttles ⇒ Object
• .track(name, options = {}, &block) ⇒ Object
• .tracked?(req) ⇒ Boolean
• .tracks ⇒ Object
• .whitelist(name, &block) ⇒ Object
• .whitelisted?(req) ⇒ Boolean
• .whitelists ⇒ Object

Instance Method Summary

• #call(env) ⇒ Object
• #initialize(app) ⇒ Attack constructor

  A new instance of Attack.

Constructor Details

#initialize(app) ⇒ Attack

Returns a new instance of Attack.

# File 'lib/rack/attack.rb', line 131

def initialize(app)
  @app = app
end

Class Attribute Details

.blocklisted_response ⇒ Object

Returns the value of attribute blocklisted_response.

# File 'lib/rack/attack.rb', line 22

def blocklisted_response
  @blocklisted_response
end

.notifier ⇒ Object

Returns the value of attribute notifier.

# File 'lib/rack/attack.rb', line 22

def notifier
  @notifier
end

.throttled_response ⇒ Object

Returns the value of attribute throttled_response.

# File 'lib/rack/attack.rb', line 22

def throttled_response
  @throttled_response
end

Class Method Details

.blacklist(name, &block) ⇒ Object

# File 'lib/rack/attack.rb', line 37

def blacklist(name, &block)
  warn "[DEPRECATION] 'Rack::Attack.blacklist' is deprecated.  Please use 'blocklist' instead."
  blocklist(name, &block)
end

.blacklisted?(req) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/attack.rb', line 82

def blacklisted?(req)
  warn "[DEPRECATION] 'Rack::Attack.blacklisted?' is deprecated.  Please use 'blocklisted?' instead."
  blocklisted?(req)
end

.blacklisted_response ⇒ Object

# File 'lib/rack/attack.rb', line 116

def blacklisted_response
  warn "[DEPRECATION] 'Rack::Attack.blacklisted_response' is deprecated.  Please use 'blocklisted_response' instead."
  self.blocklisted_response
end

.blacklisted_response=(res) ⇒ Object

# File 'lib/rack/attack.rb', line 111

def blacklisted_response=(res)
  warn "[DEPRECATION] 'Rack::Attack.blacklisted_response=' is deprecated.  Please use 'blocklisted_response=' instead."
  self.blocklisted_response=(res)
end

.blacklists ⇒ Object

# File 'lib/rack/attack.rb', line 60

def blacklists
  warn "[DEPRECATION] 'Rack::Attack.blacklists' is deprecated.  Please use 'blocklists' instead."
  blocklists
end

.blocklist(name, &block) ⇒ Object

# File 'lib/rack/attack.rb', line 33

def blocklist(name, &block)
  self.blocklists[name] = Blocklist.new(name, block)
end

.blocklisted?(req) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/attack.rb', line 76

def blocklisted?(req)
  blocklists.any? do |name, blocklist|
    blocklist[req]
  end
end

.blocklists ⇒ Object

# File 'lib/rack/attack.rb', line 51

def blocklists; @blocklists ||= {}; end

.cache ⇒ Object

# File 'lib/rack/attack.rb', line 103

def cache
  @cache ||= Cache.new
end

.clear! ⇒ Object

# File 'lib/rack/attack.rb', line 107

def clear!
  @safelists, @blocklists, @throttles, @tracks = {}, {}, {}, {}
end

.instrument(req) ⇒ Object

# File 'lib/rack/attack.rb', line 99

def instrument(req)
  notifier.instrument('rack.attack', req) if notifier
end

.safelist(name, &block) ⇒ Object

# File 'lib/rack/attack.rb', line 24

def safelist(name, &block)
  self.safelists[name] = Safelist.new(name, block)
end

.safelisted?(req) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/attack.rb', line 65

def safelisted?(req)
  safelists.any? do |name, safelist|
    safelist[req]
  end
end

.safelists ⇒ Object

# File 'lib/rack/attack.rb', line 50

def safelists; @safelists ||= {}; end

.throttle(name, options, &block) ⇒ Object

# File 'lib/rack/attack.rb', line 42

def throttle(name, options, &block)
  self.throttles[name] = Throttle.new(name, options, block)
end

.throttled?(req) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/attack.rb', line 87

def throttled?(req)
  throttles.any? do |name, throttle|
    throttle[req]
  end
end

.throttles ⇒ Object

# File 'lib/rack/attack.rb', line 52

def throttles;  @throttles  ||= {}; end

.track(name, options = {}, &block) ⇒ Object

# File 'lib/rack/attack.rb', line 46

def track(name, options = {}, &block)
  self.tracks[name] = Track.new(name, options, block)
end

.tracked?(req) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/attack.rb', line 93

def tracked?(req)
  tracks.each_value do |tracker|
    tracker[req]
  end
end

.tracks ⇒ Object

# File 'lib/rack/attack.rb', line 53

def tracks;     @tracks     ||= {}; end

.whitelist(name, &block) ⇒ Object

# File 'lib/rack/attack.rb', line 28

def whitelist(name, &block)
  warn "[DEPRECATION] 'Rack::Attack.whitelist' is deprecated.  Please use 'safelist' instead."
  safelist(name, &block)
end

.whitelisted?(req) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/attack.rb', line 71

def whitelisted?(req)
  warn "[DEPRECATION] 'Rack::Attack.whitelisted?' is deprecated.  Please use 'safelisted?' instead."
  safelisted?(req)
end

.whitelists ⇒ Object

# File 'lib/rack/attack.rb', line 55

def whitelists
  warn "[DEPRECATION] 'Rack::Attack.whitelists' is deprecated.  Please use 'safelists' instead."
  safelists
end

Instance Method Details

#call(env) ⇒ Object

# File 'lib/rack/attack.rb', line 135

def call(env)
  env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO'])
  req = Rack::Attack::Request.new(env)

  if safelisted?(req)
    @app.call(env)
  elsif blocklisted?(req)
    self.class.blocklisted_response.call(env)
  elsif throttled?(req)
    self.class.throttled_response.call(env)
  else
    tracked?(req)
    @app.call(env)
  end
end