derek/auth-mistox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rate limiting will be handled by NGINX

Browse Source
This commit is contained in:
Derek Holloway
2025-07-24 21:07:39 -07:00
parent fe6710249a
commit b1a0f1d96f
1 changed files with 2 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Server/Program.cs
+2 -20
View File
@@ -1,6 +1,5 @@
using Auth.Services; using Auth.Services;
using Auth.Services.DatabaseService; using Auth.Services.DatabaseService;
using System.Threading.RateLimiting;
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Tokens;
@@ -33,7 +32,7 @@ string? _dbpass = Environment.GetEnvironmentVariable("MySQLPass");
string dbPass = !string.IsNullOrEmpty(_dbpass) ? _dbpass : "oasv34$8gpv023dd"; string dbPass = !string.IsNullOrEmpty(_dbpass) ? _dbpass : "oasv34$8gpv023dd";
// Create the database serivice // Create the database serivice
DatabaseService databaseService = new DatabaseService(connectionString: "server=" + dbserver + ";user=" + dbUser + ";database=" + dbdatabase + ";password=" + dbPass + ";port=3306;"); DatabaseService databaseService = new DatabaseService(connectionString: "server=" + dbserver + ";user=" + dbUser + ";database=" + dbdatabase + ";password=" + dbPass + ";port=3307;");
builder.Services.Add( new ServiceDescriptor( typeof( DatabaseService ), databaseService ) ); builder.Services.Add( new ServiceDescriptor( typeof( DatabaseService ), databaseService ) );
//////////////////////////////// ////////////////////////////////
@@ -110,23 +109,6 @@ builder.Services.AddCors(o => o.AddDefaultPolicy(builder => {
builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader(); // No CORS builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader(); // No CORS
})); }));
builder.Services.AddRateLimiter(options => {
options.AddPolicy("PerUserPolicy", httpContext => {
var userId = httpContext.User.FindFirst(ClaimTypes.NameIdentifier)?.Value
?? httpContext.User.Identity?.Name
?? httpContext.Connection.RemoteIpAddress?.ToString();
return RateLimitPartition.GetTokenBucketLimiter(userId, key => new TokenBucketRateLimiterOptions {
TokenLimit = 10, // max 10 requests
QueueProcessingOrder = QueueProcessingOrder.OldestFirst,
QueueLimit = 0,
ReplenishmentPeriod = TimeSpan.FromSeconds(15),
TokensPerPeriod = 2,
AutoReplenishment = true
});
});
});
// Pages Service // Pages Service
builder.Services.AddControllers(); builder.Services.AddControllers();
builder.Services.AddRazorPages(); builder.Services.AddRazorPages();
@@ -146,7 +128,7 @@ app.UseCors();
app.UseRouting(); app.UseRouting();
app.UseAuthentication(); app.UseAuthentication();
app.MapControllers().RequireRateLimiting("perUserPolicy"); app.MapControllers();
app.MapFallbackToFile("index.html"); app.MapFallbackToFile("index.html");