This document discusses various Ruby expressions and methods used in the Rack::Attack gem for throttling web requests. It contains example code snippets and asks questions about specific expressions to understand what they are doing. These include questions about operator precedence, instance vs class variables and methods, and whether blocks are being called on instances or classes.
6. module Rack
     class Attack
       class Check
         attr_reader :name, :block, :type

         def initialize(name, options = {}, block)
           @name, @block = name, block
           @type = options.fetch(:type, nil)
         end

         # Wha'? What's this do?
         def [](req)
           block[req].tap {|match|
             if match
               req.env["rack.attack.matched"] = name
               req.env["rack.attack.match_type"] = type
               Rack::Attack.instrument(req)
             end
           }
         end
       end
     end
   end
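Added example (not Rack::Attack's own code): a stripped-down copy of the Check pattern from slide 6 with a constructed FakeRequest, so the two things the slide asks about can be seen running. `block[req]` is `Proc#[]`, an alias of `Proc#call`, and `tap` yields the matcher's result to its block and then returns that same result, so the side effect on `req.env` never changes what the check returns. The names FakeRequest, run_check and the "office" check are assumptions for the example.

```ruby
# Added example; FakeRequest, run_check and the "office" matcher are
# constructed for illustration, not taken from Rack::Attack.

class FakeRequest
  attr_reader :env

  def initialize(env)
    @env = env
  end

  def ip
    env["REMOTE_ADDR"]
  end
end

class Check
  attr_reader :name, :block, :type

  # `,` here is parallel assignment: @name gets name, @block gets block.
  def initialize(name, options = {}, block)
    @name, @block = name, block
    @type = options.fetch(:type, nil)
  end

  def [](req)
    # block[req] is the same as block.call(req). tap passes the result to the
    # block and returns the *result*, not the block's last expression.
    block[req].tap do |match|
      if match
        req.env["rack.attack.matched"] = name
        req.env["rack.attack.match_type"] = type
      end
    end
  end
end

# Runs one constructed whitelist-style check against an IP and returns
# [what the check returned, what it wrote into env].
def run_check(ip)
  check = Check.new("office", { type: :whitelist }, ->(req) { req.ip.start_with?("10.") })
  req = FakeRequest.new("REMOTE_ADDR" => ip)
  result = check[req]
  [result, req.env["rack.attack.matched"], req.env["rack.attack.match_type"]]
end

if __FILE__ == $PROGRAM_NAME
  p run_check("10.0.0.5")
  p run_check("8.8.8.8")
end
```

For a matching IP the check returns `true` and the env carries the check's name and type; for a non-matching IP it returns `false` and the env is untouched, which is exactly why `tap` is used rather than `if`/`return` inside the accessor.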
7. "or" and ","
operators
· Precedences?
· Parenthesis (or lack of them)
8. module Rack
     class Attack
       class Fail2Ban
         class << self
           def filter(discriminator, options)
             # Wha? What's happening here?
             bantime  = options[:bantime]  or raise ArgumentError, "Must pass bantime option"
             findtime = options[:findtime] or raise ArgumentError, "Must pass findtime option"
             maxretry = options[:maxretry] or raise ArgumentError, "Must pass maxretry option"
             ...
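Added example (not Rack::Attack's own code) answering slides 7 and 8: `or` binds looser than `=`, so `x = a or raise ...` parses as `(x = a) or raise ...`, which is what makes it usable as a one-line guard; `||` binds tighter, so `x = a || b` parses as `x = (a || b)`. The `,` after `raise ArgumentError` is not an operator at all, it separates the two arguments of the `raise` call, and in `@name, @block = name, block` it builds a parallel assignment. The function names are assumptions for the example; the three option lines copy the slide's pattern.

```ruby
# Added example; function names are constructed for illustration.

# (x = false) or true  => the whole expression is true, but x keeps false.
def assign_with_or
  x = false or true
  x
end

# x = (false || true)  => x becomes true.
def assign_with_pipes
  x = false || true
  x
end

# The slide-8 guard pattern: each line is `(var = options[...]) or raise(...)`.
# A missing key leaves var nil (falsy), so the right-hand side runs and raises.
# `raise ArgumentError, "..."` is one call with two arguments separated by `,`.
def fail2ban_options(options)
  bantime  = options[:bantime]  or raise ArgumentError, "Must pass bantime option"
  findtime = options[:findtime] or raise ArgumentError, "Must pass findtime option"
  maxretry = options[:maxretry] or raise ArgumentError, "Must pass maxretry option"
  { bantime: bantime, findtime: findtime, maxretry: maxretry }
end

# Parallel assignment: `,` on both sides pairs values positionally.
def parallel_assign(name, block)
  a, b = name, block
  [a, b]
end

if __FILE__ == $PROGRAM_NAME
  p assign_with_or      # false
  p assign_with_pipes   # true
  p fail2ban_options(bantime: 60, findtime: 10, maxretry: 3)
  begin
    fail2ban_options(bantime: 60)
  rescue ArgumentError => e
    puts e.message      # Must pass findtime option
  end
end
```

The practical caveat for the guard idiom: it only rejects `nil` and `false`. An option set to `0` or `""` passes the `or raise` check, so if a value must be a positive integer the check needs to say so explicitly.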
12. class Rack::Attack
      ...
      class << self
        # Wha? These instance or class accessors?
        attr_accessor :notifier, :blacklisted_response, :throttled_response

        def whitelist(name, &block)
          self.whitelists[name] = Whitelist.new(name, block)
        end
        ...
        # Wha? Is @whitelists an instance or class var?
        def whitelists; @whitelists ||= {}; end
        ...
      end
      ...
14. Within Rack::Attack we have this instance method

    def call(env)
      req = Rack::Attack::Request.new(env)
      # Wha? Is #whitelisted? an instance or class method?
      if whitelisted?(req)
        @app.call(env)
      elsif blacklisted?(req)
        self.class.blacklisted_response[env]
      elsif throttled?(req)
        self.class.throttled_response[env]
      else
        tracked?(req)
        @app.call(env)
      end
    end
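Added example (not Rack::Attack's own code) covering slides 12 and 14 together: a miniature Guard class with the same shape. Inside `class << self`, `attr_accessor` and `def` create singleton (class-level) methods, and the `@whitelists` touched inside one of them is an instance variable of the class object itself: not a `@@` class variable and not visible from instances. The `call` method is an ordinary instance method, and `whitelisted?` here is also an instance method that reaches the class-level registry through `self.class` (how the real gem delegates is not shown on the slides, so that wiring is an assumption). Guard, Whitelist, guard_status and whitelists_are_class_level? are names constructed for the example.

```ruby
# Added example; Guard, Whitelist and the helper functions are constructed
# for illustration and simplify the real middleware (no blacklist/throttle).

class Whitelist
  attr_reader :name, :block

  def initialize(name, block)
    @name, @block = name, block
  end

  def [](req)
    block[req]
  end
end

class Guard
  class << self
    # Singleton accessor: defines Guard.blacklisted_response and
    # Guard.blacklisted_response=, backed by an ivar on the Guard class object.
    attr_accessor :blacklisted_response

    # DSL entry point, called as Guard.whitelist('name') { |req| ... }
    def whitelist(name, &block)
      whitelists[name] = Whitelist.new(name, block)
    end

    # @whitelists lives on the Guard class object, created on first use.
    def whitelists
      @whitelists ||= {}
    end
  end

  def initialize(app)
    @app = app
  end

  # Instance method; consults the class-level registry via self.class.
  def whitelisted?(req)
    self.class.whitelists.any? { |_name, whitelist| whitelist[req] }
  end

  # Instance method, as in slide 14; req is a constructed stand-in for
  # Rack::Attack::Request.
  def call(env)
    req = { ip: env["REMOTE_ADDR"] }
    if whitelisted?(req)
      @app.call(env)
    else
      self.class.blacklisted_response[env]
    end
  end
end

# Configuration, the way slide 12's DSL is used from an app.
Guard.blacklisted_response = ->(_env) { [403, {}, ["Forbidden"]] }
Guard.whitelist("office") { |req| req[:ip].start_with?("10.") }

# Returns the HTTP status the stack produces for a given client IP.
def guard_status(ip)
  app = ->(_env) { [200, {}, ["OK"]] }
  Guard.new(app).call("REMOTE_ADDR" => ip).first
end

# Evidence for the slide-12 question: the registry is on the class object,
# an instance has no @whitelists, and no @@whitelists class variable exists.
def whitelists_are_class_level?
  instance = Guard.new(nil)
  Guard.whitelists.key?("office") &&
    instance.instance_variable_get(:@whitelists).nil? &&
    !Guard.class_variable_defined?(:@@whitelists)
end

if __FILE__ == $PROGRAM_NAME
  p guard_status("10.1.2.3")            # 200
  p guard_status("203.0.113.9")         # 403
  p whitelists_are_class_level?         # true
end
```

The design consequence worth noticing: because the rules hang off the class object, every `Guard.new(app)` instance in the process shares one rule set, which is what lets a config file call `Rack::Attack.whitelist` before any middleware instance exists.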
16. class Rack::Attack
      # Wha?
      throttle('req/ip',
               :limit  => (ENV['RACKATTACK_LIMIT'].present?  ? Integer(ENV['RACKATTACK_LIMIT'])  : 300),
               :period => (ENV['RACKATTACK_PERIOD'].present? ? Integer(ENV['RACKATTACK_PERIOD']) : 1.minutes)) do |req|
        req.ip
      end

      whitelist('from hedgeye office') do |req|
        if (whitelist_pattern = ENV['WHITELIST_IP_PATTERN']) && !whitelist_pattern.blank?
          Rails.logger.info("#{req.ip} =~ /#{whitelist_pattern}/ #=> #{req.ip =~ /#{whitelist_pattern}/}")
          req.ip =~ /#{whitelist_pattern}/
        end
      end

      # https://www.pivotaltracker.com/n/projects/414867/stories/76620326
      blacklist('block bad user agent request from Chinese bot') do |req|
        offset = req.user_agent =~ /\WEasouSpider\W/
        !offset.nil? && offset >= 0
      end

      self.throttled_response = lambda do |env|
        [ 503, # status
          {},  # headers
          ['']] # body
      end
    end
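Added example (not the app's or Rack::Attack's own code): an in-memory model of the slide-16 configuration in plain Ruby, so it runs without Rails. `ENV.fetch` with a default replaces `.present?`, and `60` replaces `1.minutes`. The throttle counts hits under a key made of rule name, period bucket and discriminator, which approximates how Rack::Attack buckets requests per period; the store and clock are injected so the behaviour is deterministic. The EasouSpider pattern is the slide's, with the backslashes that extraction dropped restored as `\W` (an assumption). Throttle, simulate, office_whitelist? and bad_bot? are constructed names.

```ruby
# Added example; Throttle, simulate, office_whitelist? and bad_bot? are
# constructed for illustration. The key layout approximates Rack::Attack's.

class Throttle
  attr_reader :name, :limit, :period

  def initialize(name, limit:, period:, store: Hash.new(0),
                 clock: -> { Time.now.to_f }, &discriminator)
    @name, @limit, @period = name, limit, period
    @store, @clock, @discriminator = store, clock, discriminator
  end

  # true when this request pushes its discriminator over `limit` in the
  # current period; a nil/false discriminator skips the rule entirely.
  def throttled?(req)
    discriminator = @discriminator.call(req)
    return false unless discriminator

    bucket = (@clock.call / period).to_i          # which `period`-second window
    key = "#{name}:#{bucket}:#{discriminator}"
    @store[key] += 1
    @store[key] > limit
  end
end

# Slide-16 limits from ENV with the same defaults (300 requests per 60 s).
def limit_from_env(env = ENV)
  Integer(env.fetch("RACKATTACK_LIMIT", "300"))
end

def period_from_env(env = ENV)
  Integer(env.fetch("RACKATTACK_PERIOD", "60"))
end

# hits: [[ip, seconds], ...] in arrival order; returns one throttled? per hit.
def simulate(hits, limit: 3, period: 60)
  now = 0
  throttle = Throttle.new("req/ip", limit: limit, period: period, clock: -> { now }) { |req| req[:ip] }
  hits.map do |ip, at|
    now = at
    throttle.throttled?(ip: ip)
  end
end

# The whitelist block from the slide: empty/missing pattern means "no match".
def office_whitelist?(ip, pattern)
  return false if pattern.nil? || pattern.strip.empty?   # stands in for .blank?
  !(ip =~ Regexp.new(pattern)).nil?
end

# The blacklist block: =~ returns a character offset or nil, so a non-nil
# result is already >= 0 and the slide's `offset >= 0` adds nothing.
def bad_bot?(user_agent)
  offset = user_agent =~ /\WEasouSpider\W/
  !offset.nil?
end

if __FILE__ == $PROGRAM_NAME
  p simulate([["1.1.1.1", 0], ["1.1.1.1", 1], ["1.1.1.1", 2], ["1.1.1.1", 3],
              ["2.2.2.2", 3], ["1.1.1.1", 61]])
  p office_whitelist?("110.0.0.12", '10\.0\.0\.1')
end
```

Two things the simulation makes visible. First, the fourth hit from the same IP inside one window is throttled while a hit in the next window starts a fresh count, so the effective burst at a window boundary can be close to twice the limit. Second, `WHITELIST_IP_PATTERN` is interpolated into a regex unanchored, so a value like `10\.0\.0\.1` also whitelists `110.0.0.12`; anchor the pattern (`^...$`) or compare against a parsed IP range rather than a string match.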
17. SCORE
    7 out of 7 - god
    otherwise: mortal
    Thanks for playing