Class: Vmpooler::API::RateLimiter

Inherits:

Object

• Object
• Vmpooler::API::RateLimiter

Defined in:

lib/vmpooler/api/rate_limiter.rb

Overview

Rate limiter middleware to protect against abuse Uses Redis to track request counts per IP and token

Constant Summary

DEFAULT_LIMITS =

{
  global_per_ip: { limit: 100, period: 60 }, # 100 requests per minute per IP
  authenticated: { limit: 500, period: 60 }, # 500 requests per minute with token
  vm_creation: { limit: 20, period: 60 },    # 20 VM creations per minute
  vm_deletion: { limit: 50, period: 60 }     # 50 VM deletions per minute
}.freeze

Instance Method Summary

• #call(env) ⇒ Object
• #initialize(app, redis, config = {}) ⇒ RateLimiter constructor

  A new instance of RateLimiter.

Constructor Details

#initialize(app, redis, config = {}) ⇒ RateLimiter

Returns a new instance of RateLimiter.

# File 'lib/vmpooler/api/rate_limiter.rb', line 15

def initialize(app, redis, config = {})
  @app = app
  @redis = redis
  @config = DEFAULT_LIMITS.merge(config[:rate_limits] || {})
  @enabled = config.fetch(:rate_limiting_enabled, true)
end

Instance Method Details

#call(env) ⇒ Object

# File 'lib/vmpooler/api/rate_limiter.rb', line 22

def call(env)
  return @app.call(env) unless @enabled

  request = Rack::Request.new(env)
  client_id = identify_client(request)
  endpoint_type = classify_endpoint(request)

  # Check rate limits
  return rate_limit_response(client_id, endpoint_type) if rate_limit_exceeded?(client_id, endpoint_type, request)

  # Track the request
  increment_request_count(client_id, endpoint_type)

  @app.call(env)
end