diff --git a/README.md b/README.md index 8baa2f6..06f90ab 100644 --- a/README.md +++ b/README.md @@ -98,8 +98,7 @@ func main() { router.Endpoint(authpb.AuthService.List), router.Params("limit", "offset"), router.AuthRequired(), - router.RatelimitClientIP("1-M"), - router.RatelimitUser("1-M"), + router.RatelimitUser("1-S", "10-M"), ), router.NewRoute( router.Method(router.MethodPost), @@ -118,7 +117,6 @@ func main() { router.Path("/refresh"), router.Endpoint(authpb.AuthService.Refresh), router.RatelimitClientIP("1-M", "10-H", "50-D"), - router.RatelimitUser("1-M", "10-H", "50-D"), ), router.NewRoute( router.Method(router.MethodDelete), @@ -126,7 +124,6 @@ func main() { router.Endpoint(authpb.AuthService.Delete), router.Params("userId"), router.AuthRequired(), - router.RatelimitClientIP("1-S", "10-M"), router.RatelimitUser("1-S", "10-M"), ), router.NewRoute( @@ -135,7 +132,6 @@ func main() { router.Endpoint(authpb.AuthService.Detail), router.Params("userId"), router.AuthRequired(), - router.RatelimitClientIP("100-M"), router.RatelimitUser("100-M"), ), router.NewRoute( @@ -144,7 +140,6 @@ func main() { router.Endpoint(authpb.AuthService.UpdateRoles), router.Params("userId"), router.AuthRequired(), - router.RatelimitClientIP("1-M"), router.RatelimitUser("1-M"), ), ) diff --git a/cmd/microrouterd/handler/handler.go b/cmd/microrouterd/handler/handler.go index 18924b0..0fff412 100644 --- a/cmd/microrouterd/handler/handler.go +++ b/cmd/microrouterd/handler/handler.go @@ -219,7 +219,7 @@ func (h *Handler) proxy(serviceName string, route *routerclientpb.RoutesReply_Ro return func(c *gin.Context) { if len(clientIPRatelimiter) > 0 { - for idx, l := range clientIPRatelimiter { + for _, l := range clientIPRatelimiter { context, err := l.Get(c, fmt.Sprintf("%s-%s-%s", path, l.Rate.Formatted, c.ClientIP())) if err != nil { c.JSON(http.StatusInternalServerError, gin.H{ @@ -234,11 +234,9 @@ func (h *Handler) proxy(serviceName string, route *routerclientpb.RoutesReply_Ro return } - if idx == 0 { - c.Header("X-ClientIPRateLimit-Limit", strconv.FormatInt(context.Limit, 10)) - c.Header("X-ClientIPRateLimit-Remaining", strconv.FormatInt(context.Remaining, 10)) - c.Header("X-ClientIPRateLimit-Reset", strconv.FormatInt(context.Reset, 10)) - } + c.Header("X-ClientIPRateLimit-Limit", strconv.FormatInt(context.Limit, 10)) + c.Header("X-ClientIPRateLimit-Remaining", strconv.FormatInt(context.Remaining, 10)) + c.Header("X-ClientIPRateLimit-Reset", strconv.FormatInt(context.Reset, 10)) if context.Reached { c.JSON(http.StatusTooManyRequests, gin.H{ @@ -372,7 +370,7 @@ func (h *Handler) proxy(serviceName string, route *routerclientpb.RoutesReply_Ro } if authErr == nil && len(userRatelimiter) > 0 { - for idx, l := range userRatelimiter { + for _, l := range userRatelimiter { context, err := l.Get(c, fmt.Sprintf("%s-%s-%s", path, l.Rate.Formatted, u.Id)) if err != nil { c.JSON(http.StatusInternalServerError, gin.H{ @@ -387,11 +385,9 @@ func (h *Handler) proxy(serviceName string, route *routerclientpb.RoutesReply_Ro return } - if idx == 0 { - c.Header("X-UserRateLimit-Limit", strconv.FormatInt(context.Limit, 10)) - c.Header("X-UserRateLimit-Remaining", strconv.FormatInt(context.Remaining, 10)) - c.Header("X-UserRateLimit-Reset", strconv.FormatInt(context.Reset, 10)) - } + c.Header("X-UserRateLimit-Limit", strconv.FormatInt(context.Limit, 10)) + c.Header("X-UserRateLimit-Remaining", strconv.FormatInt(context.Remaining, 10)) + c.Header("X-UserRateLimit-Reset", strconv.FormatInt(context.Reset, 10)) if context.Reached { c.JSON(http.StatusTooManyRequests, gin.H{