Skip to content

Commit

Permalink
[Fix] Configure rate limiter based on App Insights user (#11865)
Browse files Browse the repository at this point in the history 
* bucket by app insights user

* locust test

* remove locust test
  • Loading branch information
@petertgiles
petertgiles authored Nov 1, 2024
1 parent daa8785 commit 9c2b65d
Showing 1 changed file with 18 additions and 3 deletions.
21 changes: 18 additions & 3 deletions api/app/Providers/RouteServiceProvider.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,23 +50,38 @@ public function boot()
*/
protected function configureRateLimiting()
{
// Limit by authenticated user, then App Insights user, then IP.
// In Azure, the request API is masked by the Azure gateway so it is the least useful discriminator.

RateLimiter::for('api', function (Request $request) {
return Limit::perMinute(config('app.rate_limit'))->by(optional($request->user())->id ?: $request->ip())->response(function () {
return Limit::perMinute(config('app.rate_limit'))->by(
$request->user()?->id
?? $request->cookie('ai_user')
?? $request->ip()
)->response(function () {
return response([
'message' => 'Rate Limit Reached for API',
], 429);
});
});
RateLimiter::for('web', function (Request $request) {
return Limit::perMinute(config('app.rate_limit'))->by(optional($request->user())->id ?: $request->ip())->response(function () {
return Limit::perMinute(config('app.rate_limit'))->by(
$request->user()?->id
?? $request->cookie('ai_user')
?? $request->ip()
)->response(function () {
return response([
'message' => 'Rate Limit Reached for Web',
], 429);
});
});
// This limiter is for the throttle directive which can be set independently of the route-based limiters and can raise graphql-style error messages.
RateLimiter::for('graphql', function (Request $request) {
return Limit::perMinute(config('app.rate_limit'))->by(optional($request->user())->id ?: $request->ip());
return Limit::perMinute(config('app.rate_limit'))->by(
$request->user()?->id
?? $request->cookie('ai_user')
?? $request->ip()
);
});
}
}

0 comments on commit 9c2b65d

Please sign in to comment.