rate limit user_balance_post by bearer OR ip
This commit is contained in:
parent
c3ae4ded2b
commit
b35cd58a76
@ -109,12 +109,22 @@ pub async fn user_balance_post(
|
|||||||
Extension(app): Extension<Arc<Web3ProxyApp>>,
|
Extension(app): Extension<Arc<Web3ProxyApp>>,
|
||||||
InsecureClientIp(ip): InsecureClientIp,
|
InsecureClientIp(ip): InsecureClientIp,
|
||||||
Path(mut params): Path<HashMap<String, String>>,
|
Path(mut params): Path<HashMap<String, String>>,
|
||||||
|
bearer: Option<TypedHeader<Authorization<Bearer>>>,
|
||||||
) -> Web3ProxyResponse {
|
) -> Web3ProxyResponse {
|
||||||
// I suppose this is ok / good, so people don't spam this endpoint as it is not "cheap"
|
// rate limit by bearer token **OR** IP address
|
||||||
// we rate limit by ip instead of bearer token so transactions are easy to submit from scripts
|
let (authorization, _semaphore) = if let Some(TypedHeader(Authorization(bearer))) = bearer {
|
||||||
// TODO: if ip is a 10. or a 172., allow unlimited
|
let (_, semaphore) = app.bearer_is_authorized(bearer).await?;
|
||||||
|
|
||||||
|
// TODO: is handling this as internal fine?
|
||||||
|
let authorization = Web3ProxyAuthorization::internal(app.db_conn())?;
|
||||||
|
|
||||||
|
(authorization, Some(semaphore))
|
||||||
|
} else {
|
||||||
let authorization = login_is_authorized(&app, ip).await?;
|
let authorization = login_is_authorized(&app, ip).await?;
|
||||||
|
|
||||||
|
(authorization, None)
|
||||||
|
};
|
||||||
|
|
||||||
// Get the transaction hash
|
// Get the transaction hash
|
||||||
let tx_hash: H256 = params
|
let tx_hash: H256 = params
|
||||||
.remove("tx_hash")
|
.remove("tx_hash")
|
||||||
|
Loading…
Reference in New Issue
Block a user