dr-bonez
commented
4 years ago According to matrix spec, I believe rate limiting should be on a per endpoint basis?
Closed sparky8251 closed 4 years ago
dr-bonez
commented
4 years ago According to matrix spec, I believe rate limiting should be on a per endpoint basis?
sparky8251
commented
4 years ago Might have to revisit this then @dr-bonez. I'm unsure if actix has facilities for middleware to operate on a per endpoint basis and neither of the ratelimiting middlewares I found that exist do it either.
At the very least... This is trivial to remove so if its wrong for our needs it can go in 5s.
Implemented simple rate limiting. 100 queries in a 60 second interval.
Used
actix-ratelimiting. Asked the dev if its still active since it had last seen a commit to master 2 months ago. Looks like development is ongoing so it is still supported.actix-ratelimitinglikely still needs review, but I'm not suitable for that... At the very least it uses dashmap/redis for storing client lists to determine if ratelimiting needs to be applied.