Stanley Dimant
@@ -68,6 +68,7 @@ namespace MareSynchronosServer
|
||||
.AddScheme<AuthenticationSchemeOptions, SecretKeyAuthenticationHandler>(SecretKeyAuthenticationHandler.AuthScheme, options => { });
|
||||
services.AddAuthorization(options => options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build());
|
||||
|
||||
services.AddSingleton<IRateLimitConfiguration, RateLimitConfiguration>();
|
||||
|
||||
services.AddSignalR(hubOptions =>
|
||||
{
|
||||
@@ -75,9 +76,8 @@ namespace MareSynchronosServer
|
||||
hubOptions.EnableDetailedErrors = true;
|
||||
hubOptions.MaximumParallelInvocationsPerClient = 10;
|
||||
hubOptions.StreamBufferCapacity = 200;
|
||||
hubOptions.AddFilter<SignalRLimitFilter>();
|
||||
});
|
||||
|
||||
services.AddSingleton<IRateLimitConfiguration, RateLimitConfiguration>();
|
||||
}
|
||||
|
||||
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
|
||||
|
||||
@@ -0,0 +1,58 @@
|
||||
using AspNetCoreRateLimit;
|
||||
using Microsoft.AspNetCore.SignalR;
|
||||
using Microsoft.Extensions.Options;
|
||||
using System;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace MareSynchronosServer.Throttling;
|
||||
public class SignalRLimitFilter : IHubFilter
|
||||
{
|
||||
private readonly IRateLimitProcessor _processor;
|
||||
|
||||
public SignalRLimitFilter(
|
||||
IOptions<IpRateLimitOptions> options, IProcessingStrategy processing, IRateLimitCounterStore counterStore,
|
||||
IRateLimitConfiguration rateLimitConfiguration, IIpPolicyStore policyStore)
|
||||
{
|
||||
_processor = new IpRateLimitProcessor(options?.Value, policyStore, processing);
|
||||
}
|
||||
|
||||
public async ValueTask<object> InvokeMethodAsync(
|
||||
HubInvocationContext invocationContext, Func<HubInvocationContext, ValueTask<object>> next)
|
||||
{
|
||||
var httpContext = invocationContext.Context.GetHttpContext();
|
||||
var ip = httpContext.Connection.RemoteIpAddress.ToString();
|
||||
var client = new ClientRequestIdentity
|
||||
{
|
||||
ClientIp = ip,
|
||||
Path = invocationContext.HubMethodName,
|
||||
HttpVerb = "ws",
|
||||
ClientId = invocationContext.Context.UserIdentifier
|
||||
};
|
||||
foreach (var rule in await _processor.GetMatchingRulesAsync(client))
|
||||
{
|
||||
var counter = await _processor.ProcessRequestAsync(client, rule);
|
||||
Console.WriteLine("time: {0}, count: {1}", counter.Timestamp, counter.Count);
|
||||
if (counter.Count > rule.Limit)
|
||||
{
|
||||
var retry = counter.Timestamp.RetryAfterFrom(rule);
|
||||
throw new HubException($"call limit {retry}");
|
||||
}
|
||||
}
|
||||
|
||||
Console.WriteLine($"Calling hub method '{invocationContext.HubMethodName}'");
|
||||
return await next(invocationContext);
|
||||
}
|
||||
|
||||
// Optional method
|
||||
public Task OnConnectedAsync(HubLifetimeContext context, Func<HubLifetimeContext, Task> next)
|
||||
{
|
||||
return next(context);
|
||||
}
|
||||
|
||||
// Optional method
|
||||
public Task OnDisconnectedAsync(
|
||||
HubLifetimeContext context, Exception exception, Func<HubLifetimeContext, Exception, Task> next)
|
||||
{
|
||||
return next(context, exception);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user