core icon indicating copy to clipboard operation
core copied to clipboard
verified publisher icon CubeEngine

WebAPI

Open Faithcaio opened this issue 11 years ago • 0 comments

Add a flexible and fast Web API that supports both single http request and persistent Web sockets connections for real time communication.

_WebSockets support for API Server_

  • [x] This is needed for push-based real time applications

_Post and preprocessing for request handlers_

  • [ ] Preprocessors would process the request data (like for example validation)
  • [X] ~~~Postprocessors would process the generated response (for example another module that adds fields to an existing handler instead of creating a new one)~~~ (probably not as useful as it seemed)

_Early IP validation_

  • [x] The ip Whitelist and blacklist checks should occur as early in the request pipeline as possible to optimize performance and minimize ddos vulnerabilities

_Web sockets connection limit_

  • [x] Limit per IP (global configuration)
  • [ ] Global limit (all connections)

_Authentication_

  • [x] request authentication using the user storage

_Rate limiting_

  • [ ] The web API should limit the request rate per user to mitigate flooding and similar attacks

_Route matcher_

  • [ ] Implement a route matcher that uses a tree structure to match the specific parts of routes

Faithcaio avatar May 26 '14 20:05 Faithcaio