masonite icon indicating copy to clipboard operation
masonite copied to clipboard

Published 20 hours ago verified publisher icon MasoniteFramework

RateLimiter functions

Open seekerjason opened this issue 2 years ago • 2 comments

Describe the bug

I refer to the examples mentioned in Masonite V4.0 document, Rate Limiting section. there are two questions to ask:

  1. no ThrottleRequestsMiddleware exception raised after max attempts reached. I set Limit.per_day(2).by(request.ip()) in the PremiumUsersLimiter class when user.role is "premium". however, after 2 attempts, there is no ThrottleRequestsMiddleware exception thrown.

  2. in my code UploadController@create, if i use RateLimiter.remaining(request.ip(), 2) to check, it always return 2. however, if i use key = hashlib.md5(str("permium" + request.ip()).encode()).hexdigest() to RateLimiter.remaining method as first parameter, it returns correct remaining attempts. Checking ThrottleRequestsMiddleware.before() method code, it is also using the hashed key when calling RateLimiter methods.

Are above observations expected?

Expected behaviour

No response

Steps to reproduce the bug

refer to the description

Screenshots

No response

OS

Windows

OS version

Windows 11

Browser

Chrome Version 116.0.5845.141

Masonite Version

4.6.1

Anything else ?

No response

seekerjason avatar Sep 06 '23 08:09 seekerjason

by the way, i did not define get_response in my Limiter class.

seekerjason avatar Sep 06 '23 08:09 seekerjason

I found the problem. It is due to the ":timer" in rates/RateLimiter.py. Windows does not allow ":" as part of the filename. In case we use FileDriver as cache (default), it will fail to create the cache file when key contains ":". After change to "-", it works. When the limit is reached, i saw the ThrottleRequestsMiddleware exception is raised.

Hope you guys can fix this problem in the next release.

you can contact me at [email protected] for any clarifications. thanks

seekerjason avatar Sep 06 '23 10:09 seekerjason