v0.3.0-unstable18
parent
721ee3f91f
commit
ef25b13cb4
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "cosmos-server",
|
"name": "cosmos-server",
|
||||||
"version": "0.3.0-unstable17",
|
"version": "0.3.0-unstable18",
|
||||||
"description": "",
|
"description": "",
|
||||||
"main": "test-server.js",
|
"main": "test-server.js",
|
||||||
"bugs": {
|
"bugs": {
|
||||||
|
|
|
@ -48,7 +48,7 @@ Key Features:
|
||||||
* **Dynamic Rate Limiting** ✨ SmartShield calculates rate limits based on user behavior, providing a flexible approach to maintain API health without negatively impacting user experience.
|
* **Dynamic Rate Limiting** ✨ SmartShield calculates rate limits based on user behavior, providing a flexible approach to maintain API health without negatively impacting user experience.
|
||||||
* **Adaptive Actions** 📈 SmartShield automatically throttles users who exceed their rate limits, preventing them from consuming more resources than they are allowed without abruptly terminating their requests.
|
* **Adaptive Actions** 📈 SmartShield automatically throttles users who exceed their rate limits, preventing them from consuming more resources than they are allowed without abruptly terminating their requests.
|
||||||
* **User Bans & Strikes** 🚫 Implement temporary or permanent bans and issue strikes automatically to prevent API abuse from malicious or resource-intensive users.
|
* **User Bans & Strikes** 🚫 Implement temporary or permanent bans and issue strikes automatically to prevent API abuse from malicious or resource-intensive users.
|
||||||
* **Global Request Control** 🌐 Monitor and limit the total number of simultaneous requests on your server, ensuring optimal performance and stability.
|
* **Global Request Control** 🌐 Monitor and limit with queues the total number of simultaneous requests on your server, ensuring optimal performance and stability.
|
||||||
* **User-based Metrics** 📊 SmartShield tracks user consumption in terms of requests, data usage, and simultaneous connections, allowing for detailed control.
|
* **User-based Metrics** 📊 SmartShield tracks user consumption in terms of requests, data usage, and simultaneous connections, allowing for detailed control.
|
||||||
* **Privileged Access** 🔑 Assign privileged access to specific user groups, granting them exemption from certain restrictions and ensuring uninterrupted service even durin attacks.
|
* **Privileged Access** 🔑 Assign privileged access to specific user groups, granting them exemption from certain restrictions and ensuring uninterrupted service even durin attacks.
|
||||||
* **Customizable Policies** ⚙️ Modify SmartShield's default policies to suit your specific needs, such as request limits, time budgets, and more.
|
* **Customizable Policies** ⚙️ Modify SmartShield's default policies to suit your specific needs, such as request limits, time budgets, and more.
|
||||||
|
|
|
@ -149,7 +149,7 @@ func (shield *smartShieldState) isAllowedToReqest(policy utils.SmartShieldPolicy
|
||||||
if (userConsumed.Time > (policy.PerUserTimeBudget * float64(policy.PolicyStrictness))) ||
|
if (userConsumed.Time > (policy.PerUserTimeBudget * float64(policy.PolicyStrictness))) ||
|
||||||
(userConsumed.Requests > (policy.PerUserRequestLimit * policy.PolicyStrictness)) ||
|
(userConsumed.Requests > (policy.PerUserRequestLimit * policy.PolicyStrictness)) ||
|
||||||
(userConsumed.Bytes > (policy.PerUserByteLimit * int64(policy.PolicyStrictness))) ||
|
(userConsumed.Bytes > (policy.PerUserByteLimit * int64(policy.PolicyStrictness))) ||
|
||||||
(userConsumed.Simultaneous > (policy.PerUserSimultaneous * policy.PolicyStrictness)) {
|
(userConsumed.Simultaneous > (policy.PerUserSimultaneous * policy.PolicyStrictness * 15)) {
|
||||||
shield.bans = append(shield.bans, &userBan{
|
shield.bans = append(shield.bans, &userBan{
|
||||||
ClientID: ClientID,
|
ClientID: ClientID,
|
||||||
banType: STRIKE,
|
banType: STRIKE,
|
||||||
|
@ -259,11 +259,27 @@ func SmartShieldMiddleware(policy utils.SmartShieldPolicy) func(http.Handler) ht
|
||||||
currentGlobalRequests := shield.GetServerNbReq() + 1
|
currentGlobalRequests := shield.GetServerNbReq() + 1
|
||||||
utils.Debug(fmt.Sprintf("SmartShield: Current global requests: %d", currentGlobalRequests))
|
utils.Debug(fmt.Sprintf("SmartShield: Current global requests: %d", currentGlobalRequests))
|
||||||
|
|
||||||
if currentGlobalRequests > policy.MaxGlobalSimultaneous && !isPrivileged(r, policy) {
|
if !isPrivileged(r, policy) {
|
||||||
|
tooManyReq := currentGlobalRequests > policy.MaxGlobalSimultaneous
|
||||||
|
wayTooManyReq := currentGlobalRequests > policy.MaxGlobalSimultaneous * 10
|
||||||
|
retries := 50
|
||||||
|
if wayTooManyReq {
|
||||||
|
utils.Log("SmartShield: WAYYYY Too many users on the server. Aborting right away.")
|
||||||
|
http.Error(w, "Too many requests", http.StatusTooManyRequests)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
for tooManyReq {
|
||||||
|
time.Sleep(5000 * time.Millisecond)
|
||||||
|
currentGlobalRequests := shield.GetServerNbReq() + 1
|
||||||
|
tooManyReq = currentGlobalRequests > policy.MaxGlobalSimultaneous
|
||||||
|
retries--
|
||||||
|
if retries <= 0 {
|
||||||
utils.Log("SmartShield: Too many users on the server")
|
utils.Log("SmartShield: Too many users on the server")
|
||||||
http.Error(w, "Too many requests", http.StatusTooManyRequests)
|
http.Error(w, "Too many requests", http.StatusTooManyRequests)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
clientID := GetClientID(r)
|
clientID := GetClientID(r)
|
||||||
userConsumed := shield.GetUserUsedBudgets(clientID)
|
userConsumed := shield.GetUserUsedBudgets(clientID)
|
||||||
|
|
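Review bot: The wait loop added in SmartShieldMiddleware parks each non-privileged request in `time.Sleep` for up to 50 × 5 s (about four minutes) without watching `r.Context()`, so a client that has already disconnected keeps its goroutine and connection until the retries run out. Under sustained overload the limiter itself becomes a place where resources pile up; whether queued requests count toward `GetServerNbReq()` is not visible here, so the `* 10` cut-off may not bound the number of waiters. I would wait with a `select` on `r.Context().Done()` and a timer, and drop the inner `currentGlobalRequests :=`, which shadows the outer variable and leaves it stale for any later use. The middleware body starts and ends outside the hunk.

```go
for tooManyReq {
	select {
	case <-r.Context().Done():
		// Client went away while queued: stop waiting instead of holding the goroutine.
		return
	case <-time.After(5000 * time.Millisecond):
	}
	// Re-check without redeclaring the outer variable.
	currentGlobalRequests = shield.GetServerNbReq() + 1
	tooManyReq = currentGlobalRequests > policy.MaxGlobalSimultaneous
	retries--
	// … unchanged: retries <= 0 → log, 429, return …
}
```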