rpc-proxy icon indicating copy to clipboard operation
rpc-proxy copied to clipboard
verified publisher icon gochain

Support per API-Key Limits

Open jmank88 opened this issue 7 years ago • 2 comments

We need to support alternate limits for specific clients. Instead of listing specific IP addresses (like with -nolimit) some sort of api-key included in the header would be more general and flexible (e.g. changing IPs, sharing a single key between multiple machines). The rpm per key could then be specified via a flag whose value is a csv of : separated pairs of key and rpm - <key>:<rpm>. For example:

-limits AKXOXLEK:100,LXKFGODK:10

Perhaps an entry without an rpm value could mean -nolimit, and then we could deprecate the -nolimit flag.

-limits AKOXLEK,LXKFGODK:10

The API key format should remain as flexible as possible (any UTF-8 plaintext?) to maximize compatibility with any generation method.

jmank88 avatar Aug 29 '18 18:08 jmank88

Which HTTP header should we use for the api-key? Is there a standard one that is appropriate?

jmank88 avatar Aug 29 '18 18:08 jmank88

Authorization header typically.

Authorization: Bearer TOKEN

treeder avatar Aug 29 '18 20:08 treeder