apiac_filter_throttler v1.0.0 APIacFilterThrottler.Functions
Throttling functions that construct keys for the APIacFilterThrottler plug.
Note that, except for throttle_by_subject_client_safe/1, these functions do not protect against collisions. See the Security considerations of the APIacFilterThrottler module for further information.
Summary
Functions
throttle_by_client(conn)
Returns the authenticated client as a string
throttle_by_client_path(conn)
Returns the authenticated client concatenated to the path as a string
throttle_by_ip(conn)
Returns the IP address as a string
throttle_by_ip_client(conn)
Returns the IP address concatenated to client as a string. May be useful when dealing with OAuth2 public clients such as mobile apps or SPAs, when many devices share the same client_id and to limit the global volume of calls so as to protect against, for instance, application faults triggering request storms
throttle_by_ip_path(conn)
Returns the IP address concatenated to the path as a string
throttle_by_ip_subject_client(conn)
Returns the IP address concatenated to subject and the client. May be useful when dealing with OAuth2 public clients such as mobile apps that can be used on several personal devices (e.g. Android laptop, smartphone and tablet) simultaneously (however devices could share the same IP address)
throttle_by_subject_client(conn)
Returns the subject concatenated to the client. May be useful when dealing with OAuth2 public clients such as mobile apps or SPAs, when many devices share the same client_id, to protect against a malicious user trying to globally block the API
throttle_by_subject_client_safe(conn)
Same as throttle_by_subject_client/1 but avoids collisions by using :erlang.phash2/1
Functions
throttle_by_client(conn)
throttle_by_client(Plug.Conn.t()) :: String.t()
Returns the authenticated client as a string
Make sure that a client is authenticated by an APIac.Authenticator plug, otherwise this function will raise an exception, since you certainly don't want authenticated clients to be throttled while unauthenticated accesses are not
Example:
iex> throttle_by_client(conn)
"client32187"
throttle_by_client_path(conn)
throttle_by_client_path(Plug.Conn.t()) :: String.t()
Returns the authenticated client concatenated to the path as a string
Make sure that a client is authenticated by an APIac.Authenticator plug, otherwise this function will raise an exception, since you certainly don't want authenticated clients to be throttled while unauthenticated accesses are not
Example:
iex> throttle_by_client_path(conn)
"client32187/api/prices/eurusd"
throttle_by_ip(conn)
throttle_by_ip(Plug.Conn.t()) :: String.t()
Returns the IP address as a string
Make sure that the remote_ip of the Plug.Conn.t is correctly set
Example:
iex> throttle_by_ip(conn)
"121.42.56.166"
throttle_by_ip_client(conn)
throttle_by_ip_client(Plug.Conn.t()) :: String.t()
Returns the IP address concatenated to client as a string. May be useful when dealing with OAuth2 public clients such as mobile apps or SPAs, when many devices share the same client_id and to limit the global volume of calls so as to protect against, for instance, application faults triggering request storms
Make sure that the remote_ip of the Plug.Conn.t is correctly set
Example:
iex> throttle_by_ip_client(conn)
"121.42.56.166client10341"
throttle_by_ip_path(conn)
throttle_by_ip_path(Plug.Conn.t()) :: String.t()
Returns the IP address concatenated to the path as a string
Make sure that the remote_ip of the Plug.Conn.t is correctly set
Example:
iex> throttle_by_ip_path(conn)
"121.42.56.166/api/prices/eurusd"
throttle_by_ip_subject_client(conn)
throttle_by_ip_subject_client(Plug.Conn.t()) :: String.t()
Returns the IP address concatenated to subject and the client. May be useful when dealing with OAuth2 public clients such as mobile apps that can be used on several personal devices (e.g. Android laptop, smartphone and tablet) simultaneously (however devices could share the same IP address)
Example:
iex> throttle_by_ip_subject_client(conn)
"275.33.99.208bob23mymobileapp"
throttle_by_subject_client(conn)
throttle_by_subject_client(Plug.Conn.t()) :: String.t()
Returns the subject concatenated to the client. May be useful when dealing with OAuth2 public clients such as mobile apps or SPAs, when many devices share the same client_id, to protect against a malicious user trying to globally block the API
Example:
iex> throttle_by_subject_client(conn)
"bob23mymobileapp"
throttle_by_subject_client_safe(conn)
throttle_by_subject_client_safe(Plug.Conn.t()) :: String.t()
Same as throttle_by_subject_client/1 but avoids collisions by using :erlang.phash2/1
Example:
iex> throttle_by_subject_client_safe(conn)
"37541545"