rustio-admin 0.10.2

Django Admin, but for Rust. A small, focused admin framework.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136

//! Per-IP rate limiting using a token bucket. Kept in memory via
//! DashMap — good for single-node deployments. For multi-node, plug
//! the same shape against Redis or Postgres.
//!
//! Default: 120 requests / 60s. Override by constructing a
//! `RateLimiter` yourself and calling `rate_limit(limiter)`.

use std::sync::Arc;
use std::time::{Duration, Instant};

use dashmap::DashMap;

use crate::error::{Error, Result};
use crate::http::{Request, Response};
use crate::router::Next;

// public:
#[derive(Clone)]
pub struct RateLimiter {
    inner: Arc<Inner>,
}

struct Inner {
    capacity: u32,
    refill_per_second: f64,
    buckets: DashMap<String, Bucket>,
}

#[derive(Debug)]
struct Bucket {
    tokens: f64,
    updated: Instant,
}

impl RateLimiter {
    // public:
    pub fn new(capacity: u32, window: Duration) -> Self {
        let refill = capacity as f64 / window.as_secs_f64().max(0.001);
        Self {
            inner: Arc::new(Inner {
                capacity,
                refill_per_second: refill,
                buckets: DashMap::new(),
            }),
        }
    }

    // public:
    pub fn default_limits() -> Self {
        Self::new(120, Duration::from_secs(60))
    }

    /// Try to consume one token from the bucket keyed by `key`.
    /// Returns `true` when the request is allowed (token consumed)
    /// and `false` when the bucket is empty.
    ///
    /// `pub(crate)` so the recovery module can drive its own
    /// scoped buckets (per-IP request + consume limits) without
    /// going through the global middleware path. The middleware
    /// closure in [`rate_limit`] continues to be the only public
    /// way to plug a limiter into the router.
    pub(crate) fn allow(&self, key: &str) -> bool {
        let now = Instant::now();
        let mut entry = self.inner.buckets.entry(key.to_string()).or_insert(Bucket {
            tokens: self.inner.capacity as f64,
            updated: now,
        });
        let elapsed = now.duration_since(entry.updated).as_secs_f64();
        let refill = elapsed * self.inner.refill_per_second;
        entry.tokens = (entry.tokens + refill).min(self.inner.capacity as f64);
        entry.updated = now;
        if entry.tokens >= 1.0 {
            entry.tokens -= 1.0;
            true
        } else {
            false
        }
    }
}

// public:
/// The middleware function. Wrap a limiter into a closure and hand
/// it to `Router::middleware(...)`.
pub fn rate_limit(
    limiter: RateLimiter,
) -> impl Fn(
    Request,
    Next,
)
    -> std::pin::Pin<Box<dyn std::future::Future<Output = Result<Response>> + Send + 'static>>
       + Clone
       + Send
       + Sync
       + 'static {
    move |req: Request, next: Next| {
        let limiter = limiter.clone();
        Box::pin(async move {
            // Prefer X-Forwarded-For (one-layer-deep) for deployments
            // behind a reverse proxy. Falls back to a fixed "anon" key
            // when no client identifier is available — we still rate
            // limit in that case, just globally.
            let key = req
                .header("x-forwarded-for")
                .and_then(|v| v.split(',').next())
                .map(|s| s.trim().to_string())
                .unwrap_or_else(|| "anon".to_string());

            if !limiter.allow(&key) {
                return Err(Error::BadRequest("rate limit exceeded".into()));
            }
            next.run(req).await
        })
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn bucket_allows_burst_then_blocks() {
        let limiter = RateLimiter::new(3, Duration::from_secs(60));
        assert!(limiter.allow("1.2.3.4"));
        assert!(limiter.allow("1.2.3.4"));
        assert!(limiter.allow("1.2.3.4"));
        assert!(!limiter.allow("1.2.3.4"));
    }

    #[test]
    fn different_keys_tracked_separately() {
        let limiter = RateLimiter::new(1, Duration::from_secs(60));
        assert!(limiter.allow("a"));
        assert!(limiter.allow("b"));
        assert!(!limiter.allow("a"));
    }
}