Class: RailsErrorDashboard::Middleware::RateLimiter

Inherits:
Object
  • Object
Defined in:
lib/rails_error_dashboard/middleware/rate_limiter.rb

Overview

Rate limiting middleware for Rails Error Dashboard routes. Protects both the dashboard UI and the API endpoints from abuse.

Constant Summary collapse

LIMITS =

Rate limits by endpoint type

{
  # Maps a request-path prefix to its request budget: :limit is the number of
  # requests allowed, :period is the window length in seconds (the middleware
  # converts it with `.seconds` when setting the counter's expiry).
  #
  # NOTE(review): the more specific "/error_dashboard/api" prefix is listed
  # before "/error_dashboard". If the lookup helper returns the first matching
  # prefix, this order is what gives API paths the stricter limit - confirm
  # against find_limit_config before reordering entries.
  #
  # NOTE(review): only the outer hash is frozen; the inner per-prefix hashes
  # remain mutable.

  # API endpoints (mobile/frontend) - stricter limits
  "/error_dashboard/api" => { limit: 100, period: 60 }, # 100 req/min

  # Dashboard pages (human users) - more lenient
  "/error_dashboard" => { limit: 300, period: 60 } # 300 req/min
}.freeze

Instance Method Summary collapse

Constructor Details

#initialize(app) ⇒ RateLimiter

Returns a new instance of RateLimiter.



# File 'lib/rails_error_dashboard/middleware/rate_limiter.rb', line 17

# Wraps the next Rack application with rate limiting.
#
# @param app [#call] downstream Rack app that handles requests which are let through
def initialize(app)
  # Counters are kept in whatever Rails.cache resolves to when the middleware is built.
  # NOTE(review): limits are only enforced across processes/hosts if that cache
  # store is shared between them - confirm the deployed cache backend.
  @cache = Rails.cache
  @app = app
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/rails_error_dashboard/middleware/rate_limiter.rb', line 22

# Rack entry point: counts requests to error dashboard routes per client key
# and short-circuits with the rate-limit response once the budget is used up.
#
# Requests are passed straight to the downstream app when rate limiting is
# disabled, when the path is not an error dashboard route, or when no limit
# configuration matches the path.
#
# NOTE(review): the counter is read and then written in two separate cache
# operations. Concurrent requests for the same key can read the same value, so
# the effective limit under parallel load may be higher than configured. An
# atomic increment, where the cache store supports one, would close that gap.
#
# NOTE(review): `expires_in` is supplied on every write, so on stores where a
# write replaces the entry's TTL the expiry is renewed by each allowed request
# instead of being fixed to the start of the window - confirm this is intended.
#
# NOTE(review): rate_limit_key is defined elsewhere; verify that the client
# identity it uses cannot be chosen freely by the caller.
#
# @param env [Hash] Rack environment for the incoming request
# @return [Object] the downstream app's response, or the value returned by
#   rate_limit_response when the limit has been reached
def call(env)
  return @app.call(env) unless enabled?

  req = Rack::Request.new(env)

  # A rule is only looked up for dashboard routes; anything else is not throttled.
  rule = error_dashboard_route?(req.path) ? find_limit_config(req.path) : nil
  return @app.call(env) unless rule

  counter_key = rate_limit_key(req)
  # A missing entry reads as nil, which to_i turns into 0.
  seen = @cache.read(counter_key).to_i

  # Budget exhausted: reject without touching the counter.
  return rate_limit_response(req, rule) if seen >= rule[:limit]

  # Record this request and (re)set the counter's expiry to the configured period.
  @cache.write(counter_key, seen + 1, expires_in: rule[:period].seconds)

  @app.call(env)
end