line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Plack::Middleware::Throttle::Lite; |
2
|
|
|
|
|
|
|
|
3
|
|
|
|
|
|
|
# ABSTRACT: Requests throttling for Plack |
4
|
|
|
|
|
|
|
|
5
|
6
|
|
|
6
|
|
143733
|
use strict; |
|
6
|
|
|
|
|
15
|
|
|
6
|
|
|
|
|
271
|
|
6
|
6
|
|
|
6
|
|
33
|
use warnings; |
|
6
|
|
|
|
|
12
|
|
|
6
|
|
|
|
|
205
|
|
7
|
6
|
|
|
6
|
|
36
|
use parent 'Plack::Middleware'; |
|
6
|
|
|
|
|
11
|
|
|
6
|
|
|
|
|
107
|
|
8
|
6
|
|
|
6
|
|
487
|
use Plack::Util::Accessor qw(limits maxreq units backend routes blacklist whitelist defaults privileged header_prefix); |
|
6
|
|
|
|
|
12
|
|
|
6
|
|
|
|
|
1333
|
|
9
|
6
|
|
|
6
|
|
16285
|
use List::MoreUtils qw(any); |
|
6
|
|
|
|
|
11339
|
|
|
6
|
|
|
|
|
592
|
|
10
|
6
|
|
|
6
|
|
45
|
use Plack::Util; |
|
6
|
|
|
|
|
12
|
|
|
6
|
|
|
|
|
125
|
|
11
|
6
|
|
|
6
|
|
29
|
use Carp (); |
|
6
|
|
|
|
|
13
|
|
|
6
|
|
|
|
|
262
|
|
12
|
6
|
|
|
6
|
|
6485
|
use Net::CIDR::Lite; |
|
6
|
|
|
|
|
27132
|
|
|
6
|
|
|
|
|
10786
|
|
13
|
|
|
|
|
|
|
|
14
|
|
|
|
|
|
|
our $VERSION = '0.05'; # VERSION |
15
|
|
|
|
|
|
|
our $AUTHORITY = 'cpan:CHIM'; # AUTHORITY |
16
|
|
|
|
|
|
|
|
17
|
|
|
|
|
|
|
# |
18
|
|
|
|
|
|
|
# Some important routines |
19
|
|
|
|
|
|
|
sub prepare_app { |
20
|
50
|
|
|
50
|
1
|
147491
|
my ($self) = @_; |
21
|
|
|
|
|
|
|
|
22
|
|
|
|
|
|
|
# setting up defaults |
23
|
50
|
|
|
|
|
447
|
$self->defaults({ |
24
|
|
|
|
|
|
|
requests => 199, |
25
|
|
|
|
|
|
|
units => 'req/hour', |
26
|
|
|
|
|
|
|
backend => 'Simple', |
27
|
|
|
|
|
|
|
header_prefix => 'Throttle-Lite', |
28
|
|
|
|
|
|
|
username => 'nobody', |
29
|
|
|
|
|
|
|
}); |
30
|
|
|
|
|
|
|
|
31
|
50
|
|
|
|
|
2322
|
$self->_normalize_header_prefix; |
32
|
50
|
|
|
|
|
434
|
$self->_normalize_limits; |
33
|
50
|
|
|
|
|
528
|
$self->_initialize_backend; |
34
|
45
|
|
|
|
|
416
|
$self->_normalize_routes; |
35
|
40
|
|
|
|
|
305
|
$self->blacklist($self->_initialize_accesslist($self->blacklist)); |
36
|
40
|
|
|
|
|
310
|
$self->whitelist($self->_initialize_accesslist($self->whitelist)); |
37
|
|
|
|
|
|
|
|
38
|
40
|
|
|
|
|
302
|
$self->backend->reqs_max($self->maxreq); |
39
|
40
|
|
|
|
|
135
|
$self->backend->units($self->units); |
40
|
|
|
|
|
|
|
} |
41
|
|
|
|
|
|
|
|
42
|
|
|
|
|
|
|
# |
43
|
|
|
|
|
|
|
# Execute middleware |
44
|
|
|
|
|
|
|
sub call { |
45
|
107
|
|
|
107
|
1
|
516058
|
my ($self, $env) = @_; |
46
|
|
|
|
|
|
|
|
47
|
107
|
|
|
|
|
186
|
my $response; |
48
|
|
|
|
|
|
|
|
49
|
107
|
100
|
|
|
|
394
|
if ($self->have_to_throttle($env)) { |
50
|
|
|
|
|
|
|
|
51
|
105
|
100
|
|
|
|
371
|
return $self->reject_request(blacklist => 403) if $self->is_remote_blacklisted($env); |
52
|
|
|
|
|
|
|
|
53
|
|
|
|
|
|
|
# update client id |
54
|
95
|
|
|
|
|
3159
|
$self->backend->requester_id($self->requester_id($env)); |
55
|
|
|
|
|
|
|
|
56
|
|
|
|
|
|
|
# update |
57
|
95
|
|
|
|
|
361
|
$self->privileged($self->is_remote_whitelisted($env)); |
58
|
|
|
|
|
|
|
|
59
|
95
|
100
|
|
|
|
2463
|
$response = $self->is_allowed |
60
|
|
|
|
|
|
|
? $self->app->($env) |
61
|
|
|
|
|
|
|
: $self->reject_request(ratelimit => 429); |
62
|
|
|
|
|
|
|
|
63
|
|
|
|
|
|
|
$self->response_cb($response, sub { |
64
|
95
|
|
|
95
|
|
2211
|
$self->modify_headers(@_); |
65
|
95
|
|
|
|
|
1758
|
}); |
66
|
|
|
|
|
|
|
} |
67
|
|
|
|
|
|
|
else { |
68
|
2
|
|
|
|
|
13
|
$response = $self->app->($env); |
69
|
|
|
|
|
|
|
} |
70
|
|
|
|
|
|
|
|
71
|
97
|
|
|
|
|
2818
|
$response; |
72
|
|
|
|
|
|
|
} |
73
|
|
|
|
|
|
|
|
74
|
|
|
|
|
|
|
# |
75
|
|
|
|
|
|
|
# Rejects incoming request with some reason |
76
|
|
|
|
|
|
|
sub reject_request { |
77
|
43
|
|
|
43
|
1
|
708
|
my ($self, $reason, $code) = @_; |
78
|
|
|
|
|
|
|
|
79
|
43
|
|
|
|
|
190
|
my $reasons = { |
80
|
|
|
|
|
|
|
blacklist => 'IP Address Blacklisted', |
81
|
|
|
|
|
|
|
ratelimit => 'Rate Limit Exceeded', |
82
|
|
|
|
|
|
|
}; |
83
|
|
|
|
|
|
|
|
84
|
43
|
|
|
|
|
306
|
[ $code, [ 'Content-Type' => 'text/plain', ], [ $reasons->{$reason} ] ]; |
85
|
|
|
|
|
|
|
} |
86
|
|
|
|
|
|
|
|
87
|
|
|
|
|
|
|
# |
88
|
|
|
|
|
|
|
# Set prefix for headers |
89
|
|
|
|
|
|
|
sub _normalize_header_prefix { |
90
|
50
|
|
|
50
|
|
137
|
my ($self) = @_; |
91
|
|
|
|
|
|
|
|
92
|
50
|
|
|
|
|
226
|
my $prefix = $self->defaults->{header_prefix}; |
93
|
|
|
|
|
|
|
|
94
|
50
|
100
|
|
|
|
406
|
if ($self->header_prefix) { |
95
|
10
|
|
|
|
|
77
|
$prefix = $self->header_prefix; |
96
|
|
|
|
|
|
|
|
97
|
|
|
|
|
|
|
# remove invalid chars |
98
|
10
|
|
|
|
|
101
|
$prefix =~ s/[^0-9a-zA-Z\s]//g; |
99
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
# trim spaces |
101
|
10
|
|
|
|
|
41
|
$prefix =~ s/^\s+//g; |
102
|
10
|
|
|
|
|
33
|
$prefix =~ s/\s+$//g; |
103
|
|
|
|
|
|
|
|
104
|
|
|
|
|
|
|
# camelize |
105
|
10
|
|
|
|
|
37
|
$prefix = join '-' => map { ucfirst } split /\s+/, $prefix; |
|
21
|
|
|
|
|
62
|
|
106
|
|
|
|
|
|
|
|
107
|
|
|
|
|
|
|
# set default value in case of empty prefix |
108
|
10
|
|
66
|
|
|
41
|
$prefix = $prefix || $self->defaults->{header_prefix}; |
109
|
|
|
|
|
|
|
} |
110
|
|
|
|
|
|
|
|
111
|
50
|
|
|
|
|
390
|
$self->header_prefix($prefix); |
112
|
|
|
|
|
|
|
} |
113
|
|
|
|
|
|
|
|
114
|
|
|
|
|
|
|
# |
115
|
|
|
|
|
|
|
# Rate limit normalization |
116
|
|
|
|
|
|
|
sub _normalize_limits { |
117
|
50
|
|
|
50
|
|
93
|
my ($self) = @_; |
118
|
|
|
|
|
|
|
|
119
|
50
|
|
|
|
|
256
|
my $units = { |
120
|
|
|
|
|
|
|
'm' => 'req/min', |
121
|
|
|
|
|
|
|
'h' => 'req/hour', |
122
|
|
|
|
|
|
|
'd' => 'req/day', |
123
|
|
|
|
|
|
|
}; |
124
|
|
|
|
|
|
|
|
125
|
50
|
|
|
|
|
226
|
my $limits_re = qr{^(\d*)(\s*)(r|req)(\/|\sper\s)(h|hour|d|day|m|min).*}; |
126
|
|
|
|
|
|
|
|
127
|
50
|
100
|
|
|
|
228
|
if ($self->limits) { |
128
|
43
|
|
|
|
|
319
|
my $t_limits = lc($self->limits); |
129
|
43
|
|
|
|
|
470
|
$t_limits =~ s/\s+/ /g; |
130
|
43
|
|
|
|
|
425
|
$t_limits =~ /$limits_re/; |
131
|
43
|
|
33
|
|
|
324
|
$self->maxreq($1 || $self->defaults->{requests}); |
132
|
43
|
|
33
|
|
|
488
|
$self->units($units->{$5} || $self->defaults->{units}) |
133
|
|
|
|
|
|
|
} |
134
|
|
|
|
|
|
|
else { |
135
|
7
|
|
|
|
|
115
|
$self->maxreq($self->defaults->{requests}); |
136
|
7
|
|
|
|
|
62
|
$self->units($self->defaults->{units}) |
137
|
|
|
|
|
|
|
} |
138
|
|
|
|
|
|
|
} |
139
|
|
|
|
|
|
|
|
140
|
|
|
|
|
|
|
# |
141
|
|
|
|
|
|
|
# Storage backend |
142
|
|
|
|
|
|
|
sub _initialize_backend { |
143
|
50
|
|
|
50
|
|
98
|
my ($self) = @_; |
144
|
|
|
|
|
|
|
|
145
|
50
|
|
|
|
|
171
|
my ($class, $args) = ($self->defaults->{backend}, {}); |
146
|
|
|
|
|
|
|
|
147
|
50
|
100
|
|
|
|
380
|
if ($self->backend) { |
148
|
29
|
|
100
|
|
|
227
|
my $reft = uc(ref($self->backend) || 'NA'); |
149
|
29
|
100
|
|
|
|
314
|
if ($reft eq 'NA') { # SCALAR |
|
|
100
|
|
|
|
|
|
150
|
26
|
|
|
|
|
229
|
($class, $args) = ($self->backend, {}); |
151
|
|
|
|
|
|
|
} |
152
|
|
|
|
|
|
|
elsif ($reft eq 'ARRAY') { |
153
|
1
|
|
|
|
|
2
|
($class, $args) = @{ $self->backend }; |
|
1
|
|
|
|
|
3
|
|
154
|
|
|
|
|
|
|
} |
155
|
|
|
|
|
|
|
else { |
156
|
2
|
|
|
|
|
40
|
Carp::croak 'Expected scalar or array reference!'; |
157
|
|
|
|
|
|
|
} |
158
|
|
|
|
|
|
|
} |
159
|
|
|
|
|
|
|
|
160
|
48
|
|
|
|
|
705
|
my $backend = Plack::Util::load_class($class, 'Plack::Middleware::Throttle::Lite::Backend'); |
161
|
|
|
|
|
|
|
|
162
|
45
|
|
|
|
|
1554
|
$self->backend($backend->new($args)); |
163
|
|
|
|
|
|
|
} |
164
|
|
|
|
|
|
|
|
165
|
|
|
|
|
|
|
# |
166
|
|
|
|
|
|
|
# Routes' normalization |
167
|
|
|
|
|
|
|
sub _normalize_routes { |
168
|
45
|
|
|
45
|
|
91
|
my ($self) = @_; |
169
|
|
|
|
|
|
|
|
170
|
45
|
|
|
|
|
99
|
my $routes = []; |
171
|
|
|
|
|
|
|
|
172
|
45
|
50
|
|
|
|
170
|
if ($self->routes) { |
173
|
45
|
|
100
|
|
|
435
|
my $reft = uc(ref($self->routes) || 'NA'); |
174
|
45
|
100
|
|
|
|
454
|
if ($reft eq 'NA') { # SCALAR |
|
|
100
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
175
|
36
|
|
|
|
|
113
|
$routes = [ $self->routes ]; |
176
|
|
|
|
|
|
|
} |
177
|
|
|
|
|
|
|
elsif ($reft eq 'REGEXP') { |
178
|
1
|
|
|
|
|
4
|
$routes = [ $self->routes ]; |
179
|
|
|
|
|
|
|
} |
180
|
|
|
|
|
|
|
elsif ($reft eq 'ARRAY') { |
181
|
3
|
|
|
|
|
7
|
$routes = $self->routes; |
182
|
|
|
|
|
|
|
} |
183
|
|
|
|
|
|
|
else { |
184
|
5
|
|
|
|
|
89
|
Carp::croak 'Expected scalar, regex or array reference!'; |
185
|
|
|
|
|
|
|
} |
186
|
|
|
|
|
|
|
} |
187
|
|
|
|
|
|
|
|
188
|
40
|
|
|
|
|
331
|
$self->routes($routes); |
189
|
|
|
|
|
|
|
} |
190
|
|
|
|
|
|
|
|
191
|
|
|
|
|
|
|
# |
192
|
|
|
|
|
|
|
# Adds extra headers to response |
193
|
|
|
|
|
|
|
sub modify_headers { |
194
|
95
|
|
|
95
|
1
|
164
|
my ($self, $response) = @_; |
195
|
95
|
|
|
|
|
153
|
my $headers = $response->[1]; |
196
|
|
|
|
|
|
|
|
197
|
95
|
|
|
|
|
340
|
my $prefix = $self->header_prefix; |
198
|
|
|
|
|
|
|
|
199
|
95
|
100
|
|
|
|
716
|
my %inject = ( |
200
|
|
|
|
|
|
|
"X-${prefix}-Limit" => $self->privileged ? 'unlimited' : $self->maxreq, |
201
|
|
|
|
|
|
|
"X-${prefix}-Units" => $self->units, |
202
|
|
|
|
|
|
|
"X-${prefix}-Used" => $self->backend->reqs_done, |
203
|
|
|
|
|
|
|
); |
204
|
|
|
|
|
|
|
|
205
|
95
|
100
|
100
|
|
|
618
|
if (($self->backend->reqs_done >= $self->maxreq) && !$self->privileged) { |
206
|
59
|
|
|
|
|
1091
|
$inject{"X-${prefix}-Expire"} = $inject{"Retry-After"} = $self->backend->expire_in; |
207
|
|
|
|
|
|
|
} |
208
|
|
|
|
|
|
|
|
209
|
95
|
|
|
|
|
1094
|
map { Plack::Util::header_set($headers, $_, $inject{$_}) } sort keys %inject; |
|
403
|
|
|
|
|
20448
|
|
210
|
|
|
|
|
|
|
|
211
|
95
|
|
|
|
|
4004
|
$response; |
212
|
|
|
|
|
|
|
} |
213
|
|
|
|
|
|
|
|
214
|
|
|
|
|
|
|
# |
215
|
|
|
|
|
|
|
# Checks if requested path should be throttled |
216
|
|
|
|
|
|
|
sub have_to_throttle { |
217
|
107
|
|
|
107
|
1
|
186
|
my ($self, $env) = @_; |
218
|
|
|
|
|
|
|
|
219
|
107
|
|
|
107
|
|
494
|
any { $env->{PATH_INFO} =~ /$_/ } @{ $self->routes }; |
|
107
|
|
|
|
|
1824
|
|
|
107
|
|
|
|
|
547
|
|
220
|
|
|
|
|
|
|
} |
221
|
|
|
|
|
|
|
|
222
|
|
|
|
|
|
|
# |
223
|
|
|
|
|
|
|
# Checks if the requester's IP in the blacklist |
224
|
|
|
|
|
|
|
sub is_remote_blacklisted { |
225
|
105
|
|
|
105
|
1
|
205
|
my ($self, $env) = @_; |
226
|
|
|
|
|
|
|
|
227
|
105
|
|
|
|
|
349
|
$self->_is_listed_in(blacklist => $env); |
228
|
|
|
|
|
|
|
} |
229
|
|
|
|
|
|
|
|
230
|
|
|
|
|
|
|
# |
231
|
|
|
|
|
|
|
# Checks if the requester's IP in the whitelist |
232
|
|
|
|
|
|
|
sub is_remote_whitelisted { |
233
|
95
|
|
|
95
|
1
|
160
|
my ($self, $env) = @_; |
234
|
|
|
|
|
|
|
|
235
|
95
|
|
|
|
|
209
|
$self->_is_listed_in(whitelist => $env); |
236
|
|
|
|
|
|
|
} |
237
|
|
|
|
|
|
|
|
238
|
|
|
|
|
|
|
# |
239
|
|
|
|
|
|
|
# Checks if remote IP address in accesslist |
240
|
|
|
|
|
|
|
sub _is_listed_in { |
241
|
200
|
|
|
200
|
|
333
|
my ($self, $list, $env) = @_; |
242
|
|
|
|
|
|
|
|
243
|
200
|
50
|
|
|
|
682
|
return unless $self->$list; |
244
|
200
|
|
|
|
|
1690
|
return $self->$list->find($env->{REMOTE_ADDR}); |
245
|
|
|
|
|
|
|
} |
246
|
|
|
|
|
|
|
|
247
|
|
|
|
|
|
|
# |
248
|
|
|
|
|
|
|
# Populates the blacklist/whitelist |
249
|
|
|
|
|
|
|
sub _initialize_accesslist { |
250
|
80
|
|
|
80
|
|
501
|
my ($self, $items) = @_; |
251
|
|
|
|
|
|
|
|
252
|
80
|
|
|
|
|
412
|
my $list = Net::CIDR::Lite->new; |
253
|
|
|
|
|
|
|
|
254
|
80
|
100
|
|
|
|
820
|
if ($items) { |
255
|
3
|
50
|
|
|
|
17
|
map { $list->add_any($_) } ref($items) eq 'ARRAY' ? @$items : ( $items ); |
|
6
|
|
|
|
|
400
|
|
256
|
|
|
|
|
|
|
} |
257
|
|
|
|
|
|
|
|
258
|
80
|
|
|
|
|
834
|
$list; |
259
|
|
|
|
|
|
|
} |
260
|
|
|
|
|
|
|
|
261
|
|
|
|
|
|
|
# |
262
|
|
|
|
|
|
|
# Check if limits is not exceeded |
263
|
|
|
|
|
|
|
sub is_allowed { |
264
|
95
|
|
|
95
|
1
|
190
|
my ($self) = @_; |
265
|
|
|
|
|
|
|
|
266
|
95
|
100
|
100
|
|
|
251
|
if (($self->backend->reqs_done < $self->backend->reqs_max) || $self->privileged) { |
267
|
62
|
|
|
|
|
184
|
$self->backend->increment; |
268
|
62
|
50
|
|
|
|
354
|
return $self->privileged |
|
|
100
|
|
|
|
|
|
269
|
|
|
|
|
|
|
? 1 : $self->backend->reqs_done <= $self->backend->reqs_max ? 1 : 0; |
270
|
|
|
|
|
|
|
} |
271
|
|
|
|
|
|
|
else { |
272
|
33
|
|
|
|
|
386
|
return 0; |
273
|
|
|
|
|
|
|
} |
274
|
|
|
|
|
|
|
} |
275
|
|
|
|
|
|
|
|
276
|
|
|
|
|
|
|
# |
277
|
|
|
|
|
|
|
# Requester's ID |
278
|
|
|
|
|
|
|
sub requester_id { |
279
|
95
|
|
|
95
|
1
|
630
|
my ($self, $env) = @_; |
280
|
95
|
|
66
|
|
|
801
|
join ':' => 'throttle', $env->{REMOTE_ADDR}, ($env->{REMOTE_USER} || $self->defaults->{username}); |
281
|
|
|
|
|
|
|
} |
282
|
|
|
|
|
|
|
|
283
|
|
|
|
|
|
|
1; # End of Plack::Middleware::Throttle::Lite |
284
|
|
|
|
|
|
|
|
285
|
|
|
|
|
|
|
__END__ |