stefanprodan
Client rate limit by body parameter with multiple values.
We use AspNetCoreRateLimit in our projects. Everything was pretty good until now.
We need additional features for that package as below:
We should apply rate limit rules for clients by requesting body parameters. The rule must belong to a specific endpoint. That could be stored in Redis and changeable anytime as dynamically. I have developed a draft and here are my updates:
I have used ValidationAttribute to reach related property and values and created a custom validation attribute called ClientRateLimitAttribute. The rest of the code is similar to RateLimitProcessor. Config as below:
Now we have "EnableBodyParameter" and "BodyParameters" configs.
"ClientRateLimitPolicies": {
"ClientRules": [
{
"ClientId": "cl-key-0",
"Rules": [
{
"Endpoint": "*",
"Period": "1s",
"Limit": 10
},
{
"Endpoint": "get:/api/clients",
"Period": "1m",
"Limit": 2
},
{
"Endpoint": "put:/api/clients",
"Period": "5m",
"Limit": 2
},
{
"Endpoint": "post:/api/clients",
"Period": "1m",
"Limit": 7,
"EnableBodyParameter": true,
"BodyParameters": [
{
"ParameterName": "value",
"ParameterValues": ["abc", "xyz"],
"Period": "1m",
"Limit": 3
},
{
"ParameterName": "value",
"ParameterValues": ["qwe", "rty"],
"Period": "1m",
"Limit": 5
}
]
}
]
}
]
}
That code works like this now but I know I can improve more. Before doing that I like to ask that would you support this? And what are your suggestions?
NOTE: I wanted to share the changes as PR, just for review.
In fact there is no X-Forwarded-For support in general. Created an issue about it at https://github.com/stefanprodan/AspNetCoreRateLimit/issues/412
