web3-proxy/web3_proxy/src/frontend/mod.rs

/// this should move into web3_proxy once the basics are working
mod errors;
mod http;
mod http_proxy;
mod users;
mod ws_proxy;

use axum::{
    handler::Handler,
    response::IntoResponse,
    routing::{get, post},
    Extension, Router,
};
use entities::user_keys;
use redis_cell_client::ThrottleResult;
use reqwest::StatusCode;
use sea_orm::{
    ColumnTrait, DeriveColumn, EntityTrait, EnumIter, IdenStatic, QueryFilter, QuerySelect,
};
use std::net::{IpAddr, SocketAddr};
use std::sync::Arc;
use tracing::{debug, info};
use uuid::Uuid;

use crate::app::Web3ProxyApp;

use self::errors::handle_anyhow_error;

pub async fn rate_limit_by_ip(app: &Web3ProxyApp, ip: &IpAddr) -> Result<(), impl IntoResponse> {
    let rate_limiter_key = format!("ip-{}", ip);

    // TODO: dry this up with rate_limit_by_key
    if let Some(rate_limiter) = app.rate_limiter() {
        match rate_limiter
            .throttle_key(&rate_limiter_key, None, None, None)
            .await
        {
            Ok(ThrottleResult::Allowed) => {}
            Ok(ThrottleResult::RetryAt(_retry_at)) => {
                // TODO: set headers so they know when they can retry
                debug!(?rate_limiter_key, "rate limit exceeded"); // this is too verbose, but a stat might be good
                                                                  // TODO: use their id if possible
                return Err(handle_anyhow_error(
                    Some(StatusCode::TOO_MANY_REQUESTS),
                    None,
                    anyhow::anyhow!(format!("too many requests from this ip: {}", ip)),
                )
                .await
                .into_response());
            }
            Err(err) => {
                // internal error, not rate limit being hit
                // TODO: i really want axum to do this for us in a single place.
                return Err(handle_anyhow_error(
                    Some(StatusCode::INTERNAL_SERVER_ERROR),
                    None,
                    anyhow::anyhow!(format!("too many requests from this ip: {}", ip)),
                )
                .await
                .into_response());
            }
        }
    } else {
        // TODO: if no redis, rate limit with a local cache?
    }

    Ok(())
}

/// if Ok(()), rate limits are acceptable
/// if Err(response), rate limits exceeded
pub async fn rate_limit_by_key(
    app: &Web3ProxyApp,
    user_key: Uuid,
) -> Result<(), impl IntoResponse> {
    let db = app.db_conn();

    /// query just a few columns instead of the entire table
    #[derive(Copy, Clone, Debug, EnumIter, DeriveColumn)]
    enum QueryAs {
        UserId,
        RequestsPerMinute,
    }

    // query the db to make sure this key is active
    // TODO: probably want a cache on this
    match user_keys::Entity::find()
        .select_only()
        .column_as(user_keys::Column::UserId, QueryAs::UserId)
        .column_as(
            user_keys::Column::RequestsPerMinute,
            QueryAs::RequestsPerMinute,
        )
        .filter(user_keys::Column::ApiKey.eq(user_key))
        .filter(user_keys::Column::Active.eq(true))
        .into_values::<_, QueryAs>()
        .one(db)
        .await
    {
        Ok::<Option<(i64, u32)>, _>(Some((_user_id, user_count_per_period))) => {
            // user key is valid
            if let Some(rate_limiter) = app.rate_limiter() {
                // TODO: how does max burst actually work? what should it be?
                let user_max_burst = user_count_per_period / 3;
                let user_period = 60;

                if rate_limiter
                    .throttle_key(
                        &user_key.to_string(),
                        Some(user_max_burst),
                        Some(user_count_per_period),
                        Some(user_period),
                    )
                    .await
                    .is_err()
                {
                    // TODO: set headers so they know when they can retry
                    // warn!(?ip, "public rate limit exceeded");  // this is too verbose, but a stat might be good
                    // TODO: use their id if possible
                    return Err(handle_anyhow_error(
                        Some(StatusCode::TOO_MANY_REQUESTS),
                        None,
                        // TODO: include the user id (NOT THE API KEY!) here
                        anyhow::anyhow!("too many requests from this key"),
                    )
                    .await
                    .into_response());
                }
            } else {
                // TODO: if no redis, rate limit with a local cache?
            }
        }
        Ok(None) => {
            // invalid user key
            // TODO: rate limit by ip here, too? maybe tarpit?
            return Err(handle_anyhow_error(
                Some(StatusCode::FORBIDDEN),
                None,
                anyhow::anyhow!("unknown api key"),
            )
            .await
            .into_response());
        }
        Err(err) => {
            let err: anyhow::Error = err.into();

            return Err(handle_anyhow_error(
                Some(StatusCode::INTERNAL_SERVER_ERROR),
                None,
                err.context("failed checking database for user key"),
            )
            .await
            .into_response());
        }
    }

    Ok(())
}

pub async fn run(port: u16, proxy_app: Arc<Web3ProxyApp>) -> anyhow::Result<()> {
    // build our application with a route
    // order most to least common
    let app = Router::new()
        .route("/", post(http_proxy::public_proxy_web3_rpc))
        .route("/", get(ws_proxy::public_websocket_handler))
        .route("/u/:user_key", post(http_proxy::user_proxy_web3_rpc))
        .route("/u/:user_key", get(ws_proxy::user_websocket_handler))
        .route("/health", get(http::health))
        .route("/status", get(http::status))
        .route("/users", post(users::create_user))
        .layer(Extension(proxy_app))
        // 404 for any unknown routes
        .fallback(errors::handler_404.into_service());

    // run our app with hyper
    // `axum::Server` is a re-export of `hyper::Server`
    // TODO: allow only listening on localhost?
    let addr = SocketAddr::from(([0, 0, 0, 0], port));
    info!("listening on port {}", port);
    // TODO: into_make_service is enough if we always run behind a proxy. make into_make_service_with_connect_info optional?
    axum::Server::bind(&addr)
        // TODO: option to use with_connect_info. we want it in dev, but not when running behind a proxy, but not
        .serve(app.into_make_service_with_connect_info::<SocketAddr>())
        .with_graceful_shutdown(signal_shutdown())
        // .serve(app.into_make_service())
        .await
        .map_err(Into::into)
}

/// Tokio signal handler that will wait for a user to press CTRL+C.
/// We use this in our hyper `Server` method `with_graceful_shutdown`.
async fn signal_shutdown() {
    tokio::signal::ctrl_c()
        .await
        .expect("expect tokio signal ctrl-c");
    info!("signal shutdown");
}
move dev to different ports 2022-08-06 08:49:52 +03:00			`/// this should move into web3_proxy once the basics are working`
split frontend code up 2022-06-05 22:58:47 +03:00			`mod errors;`
			`mod http;`
			`mod http_proxy;`
just do one app for now 2022-07-14 00:49:57 +03:00			`mod users;`
split frontend code up 2022-06-05 22:58:47 +03:00			`mod ws_proxy;`
connection pooling 2022-07-07 06:22:09 +03:00
split frontend code up 2022-06-05 22:58:47 +03:00			`use axum::{`
			`handler::Handler,`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`response::IntoResponse,`
split frontend code up 2022-06-05 22:58:47 +03:00			`routing::{get, post},`
			`Extension, Router,`
			`};`
fix directory structure 2022-08-05 22:22:23 +03:00			`use entities::user_keys;`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`use redis_cell_client::ThrottleResult;`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`use reqwest::StatusCode;`
select only 2022-08-06 04:55:18 +03:00			`use sea_orm::{`
			`ColumnTrait, DeriveColumn, EntityTrait, EnumIter, IdenStatic, QueryFilter, QuerySelect,`
			`};`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`use std::net::{IpAddr, SocketAddr};`
split frontend code up 2022-06-05 22:58:47 +03:00			`use std::sync::Arc;`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`use tracing::{debug, info};`
use uuid earlier 2022-08-06 04:17:25 +03:00			`use uuid::Uuid;`
lint 2022-06-15 04:02:26 +03:00
split frontend code up 2022-06-05 22:58:47 +03:00			`use crate::app::Web3ProxyApp;`

rate limiting on user key 2022-08-04 04:10:27 +03:00			`use self::errors::handle_anyhow_error;`

			`pub async fn rate_limit_by_ip(app: &Web3ProxyApp, ip: &IpAddr) -> Result<(), impl IntoResponse> {`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`let rate_limiter_key = format!("ip-{}", ip);`
rate limiting on user key 2022-08-04 04:10:27 +03:00
use uuid earlier 2022-08-06 04:17:25 +03:00			`// TODO: dry this up with rate_limit_by_key`
			`if let Some(rate_limiter) = app.rate_limiter() {`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`match rate_limiter`
make it work 2022-08-06 08:26:43 +03:00			`.throttle_key(&rate_limiter_key, None, None, None)`
			`.await`
			`{`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`Ok(ThrottleResult::Allowed) => {}`
			`Ok(ThrottleResult::RetryAt(_retry_at)) => {`
			`// TODO: set headers so they know when they can retry`
			`debug!(?rate_limiter_key, "rate limit exceeded"); // this is too verbose, but a stat might be good`
			`// TODO: use their id if possible`
			`return Err(handle_anyhow_error(`
			`Some(StatusCode::TOO_MANY_REQUESTS),`
			`None,`
			`anyhow::anyhow!(format!("too many requests from this ip: {}", ip)),`
			`)`
			`.await`
			`.into_response());`
			`}`
			`Err(err) => {`
			`// internal error, not rate limit being hit`
			`// TODO: i really want axum to do this for us in a single place.`
			`return Err(handle_anyhow_error(`
			`Some(StatusCode::INTERNAL_SERVER_ERROR),`
			`None,`
			`anyhow::anyhow!(format!("too many requests from this ip: {}", ip)),`
			`)`
			`.await`
			`.into_response());`
			`}`
use uuid earlier 2022-08-06 04:17:25 +03:00			`}`
			`} else {`
			`// TODO: if no redis, rate limit with a local cache?`
			`}`

			`Ok(())`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`}`

fix directory structure 2022-08-05 22:22:23 +03:00			`/// if Ok(()), rate limits are acceptable`
			`/// if Err(response), rate limits exceeded`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`pub async fn rate_limit_by_key(`
			`app: &Web3ProxyApp,`
use uuid earlier 2022-08-06 04:17:25 +03:00			`user_key: Uuid,`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`) -> Result<(), impl IntoResponse> {`
			`let db = app.db_conn();`

requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`/// query just a few columns instead of the entire table`
select only 2022-08-06 04:55:18 +03:00			`#[derive(Copy, Clone, Debug, EnumIter, DeriveColumn)]`
			`enum QueryAs {`
			`UserId,`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`RequestsPerMinute,`
select only 2022-08-06 04:55:18 +03:00			`}`

fix directory structure 2022-08-05 22:22:23 +03:00			`// query the db to make sure this key is active`
			`// TODO: probably want a cache on this`
			`match user_keys::Entity::find()`
select only 2022-08-06 04:55:18 +03:00			`.select_only()`
			`.column_as(user_keys::Column::UserId, QueryAs::UserId)`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`.column_as(`
			`user_keys::Column::RequestsPerMinute,`
			`QueryAs::RequestsPerMinute,`
			`)`
fix directory structure 2022-08-05 22:22:23 +03:00			`.filter(user_keys::Column::ApiKey.eq(user_key))`
			`.filter(user_keys::Column::Active.eq(true))`
select only 2022-08-06 04:55:18 +03:00			`.into_values::<_, QueryAs>()`
fix directory structure 2022-08-05 22:22:23 +03:00			`.one(db)`
			`.await`
			`{`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`Ok::<Option<(i64, u32)>, _>(Some((_user_id, user_count_per_period))) => {`
fix directory structure 2022-08-05 22:22:23 +03:00			`// user key is valid`
use uuid earlier 2022-08-06 04:17:25 +03:00			`if let Some(rate_limiter) = app.rate_limiter() {`
make it work 2022-08-06 08:26:43 +03:00			`// TODO: how does max burst actually work? what should it be?`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`let user_max_burst = user_count_per_period / 3;`
			`let user_period = 60;`
make it work 2022-08-06 08:26:43 +03:00
use uuid earlier 2022-08-06 04:17:25 +03:00			`if rate_limiter`
make it work 2022-08-06 08:26:43 +03:00			`.throttle_key(`
			`&user_key.to_string(),`
			`Some(user_max_burst),`
			`Some(user_count_per_period),`
			`Some(user_period),`
			`)`
use uuid earlier 2022-08-06 04:17:25 +03:00			`.await`
			`.is_err()`
			`{`
			`// TODO: set headers so they know when they can retry`
			`// warn!(?ip, "public rate limit exceeded"); // this is too verbose, but a stat might be good`
			`// TODO: use their id if possible`
			`return Err(handle_anyhow_error(`
			`Some(StatusCode::TOO_MANY_REQUESTS),`
			`None,`
todos 2022-08-06 09:17:49 +03:00			`// TODO: include the user id (NOT THE API KEY!) here`
make it work 2022-08-06 08:26:43 +03:00			`anyhow::anyhow!("too many requests from this key"),`
use uuid earlier 2022-08-06 04:17:25 +03:00			`)`
			`.await`
			`.into_response());`
			`}`
			`} else {`
			`// TODO: if no redis, rate limit with a local cache?`
			`}`
fix directory structure 2022-08-05 22:22:23 +03:00			`}`
			`Ok(None) => {`
			`// invalid user key`
			`// TODO: rate limit by ip here, too? maybe tarpit?`
			`return Err(handle_anyhow_error(`
			`Some(StatusCode::FORBIDDEN),`
			`None,`
			`anyhow::anyhow!("unknown api key"),`
			`)`
			`.await`
			`.into_response());`
			`}`
use uuid earlier 2022-08-06 04:17:25 +03:00			`Err(err) => {`
			`let err: anyhow::Error = err.into();`
rate limiting on user key 2022-08-04 04:10:27 +03:00
			`return Err(handle_anyhow_error(`
use uuid earlier 2022-08-06 04:17:25 +03:00			`Some(StatusCode::INTERNAL_SERVER_ERROR),`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`None,`
use uuid earlier 2022-08-06 04:17:25 +03:00			`err.context("failed checking database for user key"),`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`)`
			`.await`
			`.into_response());`
			`}`
			`}`

			`Ok(())`
			`}`

split frontend code up 2022-06-05 22:58:47 +03:00			`pub async fn run(port: u16, proxy_app: Arc<Web3ProxyApp>) -> anyhow::Result<()> {`
			`// build our application with a route`
comment 2022-07-26 08:01:08 +03:00			`// order most to least common`
split frontend code up 2022-06-05 22:58:47 +03:00			`let app = Router::new()`
fix directory structure 2022-08-05 22:22:23 +03:00			`.route("/", post(http_proxy::public_proxy_web3_rpc))`
			`.route("/", get(ws_proxy::public_websocket_handler))`
use uuid earlier 2022-08-06 04:17:25 +03:00			`.route("/u/:user_key", post(http_proxy::user_proxy_web3_rpc))`
			`.route("/u/:user_key", get(ws_proxy::user_websocket_handler))`
status codes on health 2022-06-29 21:22:53 +03:00			`.route("/health", get(http::health))`
split frontend code up 2022-06-05 22:58:47 +03:00			`.route("/status", get(http::status))`
just do one app for now 2022-07-14 00:49:57 +03:00			`.route("/users", post(users::create_user))`
flatten the app 2022-08-07 22:35:24 +03:00			`.layer(Extension(proxy_app))`
			`// 404 for any unknown routes`
			`.fallback(errors::handler_404.into_service());`
split frontend code up 2022-06-05 22:58:47 +03:00
			`// run our app with hyper`
			// `axum::Server` is a re-export of `hyper::Server`
fix directory structure 2022-08-05 22:22:23 +03:00			`// TODO: allow only listening on localhost?`
split frontend code up 2022-06-05 22:58:47 +03:00			`let addr = SocketAddr::from(([0, 0, 0, 0], port));`
use uuid earlier 2022-08-06 04:17:25 +03:00			`info!("listening on port {}", port);`
connection pooling 2022-07-07 06:22:09 +03:00			`// TODO: into_make_service is enough if we always run behind a proxy. make into_make_service_with_connect_info optional?`
split frontend code up 2022-06-05 22:58:47 +03:00			`axum::Server::bind(&addr)`
better results and errors 2022-08-07 09:48:57 +03:00			`// TODO: option to use with_connect_info. we want it in dev, but not when running behind a proxy, but not`
			`.serve(app.into_make_service_with_connect_info::<SocketAddr>())`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00			`.with_graceful_shutdown(signal_shutdown())`
better results and errors 2022-08-07 09:48:57 +03:00			`// .serve(app.into_make_service())`
split frontend code up 2022-06-05 22:58:47 +03:00			`.await`
			`.map_err(Into::into)`
			`}`
requests_per_minute, not requests_per_second 2022-08-07 22:33:16 +03:00
			`/// Tokio signal handler that will wait for a user to press CTRL+C.`
			/// We use this in our hyper `Server` method `with_graceful_shutdown`.
			`async fn signal_shutdown() {`
			`tokio::signal::ctrl_c()`
			`.await`
			`.expect("expect tokio signal ctrl-c");`
			`info!("signal shutdown");`
			`}`