limits

package
v0.0.0-...-a7c217f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 30, 2024 License: AGPL-3.0 Imports: 7 Imported by: 6

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrRateLimitExceeded = errors.New("Rate limit exceeded")

ErrRateLimitExceeded is the error returned when the limit was already reached before the check.

View Source 
var ErrRateLimitReached = errors.New("Rate limit reached")

ErrRateLimitReached is the error returned when we were under the limit before the check, and reach the limit.

Functions

func GetMaximumLimit 

func GetMaximumLimit(ct CounterType) int64

GetMaximumLimit returns the limit of a CounterType

func IsLimitReachedOrExceeded 

func IsLimitReachedOrExceeded(err error) bool

IsLimitReachedOrExceeded return true if the limit has been reached or exceeded, false otherwise.

func SetMaximumLimit 

func SetMaximumLimit(ct CounterType, newLimit int64)

SetMaximumLimit sets a new limit for a CounterType

Types

type Counter 

type Counter interface {
	Increment(key string, timeLimit time.Duration) (int64, error)
	Reset(key string) error
}

Counter is an interface for counting number of attempts that can be used to rate limit the number of logins and 2FA tries, and thus block bruteforce attacks.

func NewRedis 

func NewRedis(client redis.UniversalClient) Counter

NewRedis returns a counter that can be mutualized between several cozy-stack processes by using redis.

type CounterType 

type CounterType int

CounterType os an enum for the type of counters used by rate-limiting. 

const (
	// AuthType is used for counting the number of login attempts.
	AuthType CounterType = iota
	// TwoFactorGenerationType is used for counting the number of times a 2FA
	// is generated.
	TwoFactorGenerationType
	// TwoFactorType is used for counting the number of 2FA attempts.
	TwoFactorType
	// OAuthClientType is used for counting the number of OAuth clients.
	// creations/updates.
	OAuthClientType
	// SharingInviteType is used for counting the number of sharing invitations
	// sent to a given instance.
	SharingInviteType
	// SharingPublicLinkType is used for counting the number of public sharing
	// link consultations
	SharingPublicLinkType
	// JobThumbnailType is used for counting the number of thumbnail jobs
	// executed by an instance
	JobThumbnailType
	// JobShareTrackType is used for counting the number of updates of the
	// io.cozy.shared database
	JobShareTrackType
	// JobShareReplicateType is used for counting the number of replications
	JobShareReplicateType
	// JobShareUploadType is used for counting the file uploads
	JobShareUploadType
	// JobKonnectorType is used for counting the number of konnector executions
	JobKonnectorType
	// JobZipType is used for cozies exports
	JobZipType
	// JobSendMailType is used for mail sending
	JobSendMailType
	// JobServiceType is used for generic services
	// Ex: categorization or matching for banking
	JobServiceType
	// JobNotificationType is used for mobile notifications pushing
	JobNotificationType
	// SendHintByMail is used for sending the password hint by email
	SendHintByMail
	// JobNotesPersistType is used for saving notes to the VFS
	JobNotesPersistType
	// JobClientType is used for the jobs associated to a @client trigger
	JobClientType
	// ExportType is used for creating an export of the data
	ExportType
	// WebhookTriggerType is used for calling a webhook trigger
	WebhookTriggerType
	// JobCleanClientType is used for cleaning unused OAuth clients
	JobCleanClientType
	// ConfirmFlagshipType is used when the user is asked to manually certify
	// that an OAuth client is the flagship app.
	ConfirmFlagshipType
	// MagicLinkType is used when sending emails with a magic link that can
	// authenticate the user into a Cozy
	MagicLinkType
	// ResendOnboardingMailType is used for resending the onboarding link by email
	ResendOnboardingMailType
)

type InMemory 

type InMemory struct {
	// contains filtered or unexported fields
}

InMemory implementation ofr Counter.

func NewInMemory 

func NewInMemory() *InMemory

NewInMemory returns a in-memory counter.

func (*InMemory) Increment 

func (i *InMemory) Increment(key string, timeLimit time.Duration) (int64, error)

func (*InMemory) Reset 

func (i *InMemory) Reset(key string) error

type RateLimiter 

type RateLimiter struct {
	// contains filtered or unexported fields
}

RateLimiter allow to rate limite the access to some resource.

func NewRateLimiter 

func NewRateLimiter(client redis.UniversalClient) *RateLimiter

NewRateLimiter instantiate a new RateLimiter.

The backend selection is done based on the `client` argument. If a client is given, the redis backend is chosen, if nil is provided the inmemory backend would be chosen.

func (*RateLimiter) CheckRateLimit 

func (r *RateLimiter) CheckRateLimit(p prefixer.Prefixer, ct CounterType) error

CheckRateLimit returns an error if the counter for the given type and instance has reached the limit.

func (*RateLimiter) CheckRateLimitKey 

func (r *RateLimiter) CheckRateLimitKey(customKey string, ct CounterType) error

CheckRateLimitKey allows to check the rate-limit for a key

func (*RateLimiter) ResetCounter 

func (r *RateLimiter) ResetCounter(p prefixer.Prefixer, ct CounterType)

ResetCounter sets again to zero the counter for the given type and instance.

type Redis 

type Redis struct {
	Client redis.UniversalClient
	// contains filtered or unexported fields
}

Redis implementation of Counter.

This implementation is safe to use in multi-instances installation.

func (*Redis) Increment 

func (r *Redis) Increment(key string, timeLimit time.Duration) (int64, error)

func (*Redis) Reset 

func (r *Redis) Reset(key string) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.