Giters

stefanprodan / AspNetCoreRateLimit

ASP.NET Core rate limiting middleware

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Endpoint path involving * (variable) not working correctly

martinaedma opened this issue · comments

commented

Hi, im using following settings

"IpRateLimitingSettings": {
    "EnableEndpointRateLimiting": true,
    "StackBlockedRequests": false,
    "RealIpHeader": "X-Azure-ClientIP",
    "HttpStatusCode": 429,
    "GeneralRules": [
      {
        "Endpoint": "post:/api/Apartments/*/lock",
        "Period": "60s",
        "Limit": 3
      }
    ]
  }

Endpoint has following definition
[HttpPost("{id:int:min(1)}/lock")]

example request

/api/Apartments/12345/lock

when I hit this 3x I will get rate limited, but then I change variable and request go through.

/api/Apartments/11111/lock

in endpoint definition i thought /*/ between Apartments and lock would take care of this, but it doesnt.
How can I define endpoint path so that variable change does not trick limiter into thinking its a new url.

commented

Hei, I got it fixed when I found some previous discussions about it.
Made custom classes


    public class IpRateLimitConfigurationCustom : RateLimitConfiguration
    {
        public IpRateLimitConfigurationCustom(IOptions<IpRateLimitOptions> ipOptions, IOptions<ClientRateLimitOptions> clientOptions) : base(ipOptions, clientOptions)
        {

        }

        public override ICounterKeyBuilder EndpointCounterKeyBuilder { get; } = new EndpointCounterKeyBuilder();
    }

    public class EndpointCounterKeyBuilder : ICounterKeyBuilder
    {
        public string Build(ClientRequestIdentity requestIdentity, RateLimitRule rule)
        {
            // This will allow to rate limit /api/values/1 and api/values/2 under same counter
            return $"_{rule.Endpoint}";
        }
    }

used api/Apartments/*

wildcard

and injected my custom configuration class, works now

commented

Very good~