Class: RailsErrorDashboard::Middleware::RateLimiter

Inherits:
Object
  • Object
Defined in:
lib/rails_error_dashboard/middleware/rate_limiter.rb

Overview

Rate limiting middleware for Rails Error Dashboard routes. Protects both the dashboard UI and the API endpoints from abuse.

Constant Summary collapse

API_LIMIT =

Rate limits by endpoint type (relative to engine mount path). API endpoints: 100 req/min.

{ limit: 100, period: 60 }.freeze
DASHBOARD_LIMIT =

Dashboard UI: 300 req/min

{ limit: 300, period: 60 }.freeze

Instance Method Summary collapse

Constructor Details

#initialize(app) ⇒ RateLimiter

Wraps the next Rack application and uses Rails.cache as the store for request counters.



# File 'lib/rails_error_dashboard/middleware/rate_limiter.rb', line 12

# Builds the middleware around the next Rack application.
#
# NOTE(review): the request counters live in whatever store Rails.cache is
# configured with. A null store never persists a count (so nothing would be
# limited) and a per-process memory store counts per process rather than per
# deployment; confirm the deployed cache store is shared between workers.
#
# @param app [#call] the next Rack application in the middleware stack
def initialize(app)
  @cache = Rails.cache
  @app = app
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/rails_error_dashboard/middleware/rate_limiter.rb', line 17

# Rack entry point. Passes the request straight through when rate limiting is
# disabled, when the path is not an error dashboard route, or when no limit
# configuration matches the path. Otherwise it counts the request against the
# caller's key and answers with the rate-limit response once the stored count
# has reached the configured limit.
#
# NOTE(review): the counter is read and then written back as two separate
# cache calls, so concurrent requests can read the same value and be
# under-counted. An atomic increment on the cache store would close that gap
# if the configured store supports it; verify before changing.
#
# NOTE(review): every allowed request re-applies expires_in, so unless
# rate_limit_key embeds a time bucket (not visible here) the window restarts
# on each request instead of ending a fixed period after the first one.
#
# NOTE(review): rate_limit_key is defined outside this listing; confirm it is
# derived from a client identifier the caller cannot choose freely.
#
# @param env [Hash] the Rack environment for the current request
# @return [Object] the downstream app's response, or the value returned by
#   rate_limit_response when the limit has been reached
def call(env)
  return @app.call(env) unless enabled?

  req = Rack::Request.new(env)
  path = req.path

  # Requests outside the dashboard routes, or without a matching limit
  # configuration, are never counted.
  config = find_limit_config(path) if error_dashboard_route?(path)
  return @app.call(env) unless config

  counter_key = rate_limit_key(req)
  seen = @cache.read(counter_key).to_i # a missing entry reads as nil, hence 0
  return rate_limit_response(req, config) if seen >= config[:limit]

  # Record this request; the entry's expiry is set from the configured period.
  @cache.write(counter_key, seen + 1, expires_in: config[:period].seconds)

  @app.call(env)
end