Configurable Authorization Request Limits #9
…able defaults (6/60 from 3/30) Document configuration option in README.md
One request per 10 seconds seems fair to me, and configurable settings are always good
neon_hana/auth/client_manager.py
Outdated
f"{origin_ip}. Wait 30 seconds.") | ||
f"{origin_ip}. Wait 1 minute.") |
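Review bot: the wait duration in the changed message line is a string literal ("Wait 1 minute."), so it had to be edited by hand when the window moved from 30 seconds to 1 minute and can drift from the enforced limit again. Consider formatting it from the same value the limiter uses, and decide deliberately how much timing detail a client-facing message should return alongside `{origin_ip}`.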
FWIW, giving the exact time to wait helps people infer the rate limit, and they can script it more accurately to stay within the window. No matter what the approach is, it's probably best to make sure there's monitoring in place for multiple failed requests inside a time window.
Added some logic and updated the return to give the time until the rate-limit counter resets.
When we implement some actual auth validation I agree we should also monitor failed requests and impose some stricter limits for bad credentials.
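An added sketch of the behaviour discussed in this thread, not code from neon-hana: a fixed-window limiter keyed by origin IP with a configurable per-minute limit, which returns the time until the counter resets and logs repeated rejections for monitoring. The class, parameter and logger names are assumptions; the 6-per-60-seconds default is taken from the PR description.

```python
import logging
import time
from typing import Callable, Dict, List, Tuple

LOG = logging.getLogger("auth_rate_limit")  # hypothetical logger name


class AuthRateLimiter:
    """Fixed-window limiter keyed by origin IP (all names are illustrative)."""

    def __init__(self, requests_per_minute: int = 6, window_seconds: float = 60.0,
                 alert_after: int = 3,
                 clock: Callable[[], float] = time.monotonic):
        self.limit = requests_per_minute      # configurable, 6/60 default
        self.window = window_seconds
        self.alert_after = alert_after        # rejections per window before alerting
        self._clock = clock                   # injectable so tests need no sleep
        # origin_ip -> [window_start, accepted, rejected]; unbounded in this sketch,
        # a real service would evict expired entries.
        self._state: Dict[str, List[float]] = {}

    def check(self, origin_ip: str) -> Tuple[bool, float]:
        """Return (allowed, seconds until this IP's counter resets)."""
        now = self._clock()
        state = self._state.get(origin_ip)
        if state is None or now - state[0] >= self.window:
            state = [now, 0, 0]               # start a fresh window
            self._state[origin_ip] = state
        remaining = self.window - (now - state[0])
        if state[1] < self.limit:
            state[1] += 1
            return True, remaining
        state[2] += 1
        if state[2] == self.alert_after:      # log once per window, not per request
            LOG.warning("auth rate limit: %s rejected %d times in one window",
                        origin_ip, state[2])
        return False, remaining

    def rejections(self, origin_ip: str) -> int:
        """Rejected requests in the last window seen for this IP, for monitoring."""
        state = self._state.get(origin_ip)
        return int(state[2]) if state else 0
```

Whether the second tuple element is returned to the client verbatim, rounded, or withheld is the trade-off raised in the review comment above; the limiter exposes it either way so the server can log it.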
# Changelog

## [0.0.1a9](https://github.com/NeonGeckoCom/neon-hana/tree/0.0.1a9) (2024-02-26)

[Full Changelog](0.0.1a8...0.0.1a9)

**Merged pull requests:**

- Cleanup comments and prep for release [\#13](#13) ([NeonDaniel](https://github.com/NeonDaniel))

## [0.0.1a8](https://github.com/NeonGeckoCom/neon-hana/tree/0.0.1a8) (2024-01-26)

[Full Changelog](0.0.1a7...0.0.1a8)

**Merged pull requests:**

- Update to use client-provided public IP address when available [\#12](#12) ([NeonDaniel](https://github.com/NeonDaniel))

## [0.0.1a7](https://github.com/NeonGeckoCom/neon-hana/tree/0.0.1a7) (2024-01-26)

[Full Changelog](0.0.1a6...0.0.1a7)

**Merged pull requests:**

- Add Node data model and Session support [\#11](#11) ([NeonDaniel](https://github.com/NeonDaniel))

## [0.0.1a6](https://github.com/NeonGeckoCom/neon-hana/tree/0.0.1a6) (2024-01-26)

[Full Changelog](0.0.1a5...0.0.1a6)

**Merged pull requests:**

- Configurable Authorization Request Limits [\#9](#9) ([NeonDaniel](https://github.com/NeonDaniel))

## [0.0.1a5](https://github.com/NeonGeckoCom/neon-hana/tree/0.0.1a5) (2024-01-23)

[Full Changelog](0.0.1a4...0.0.1a5)

**Merged pull requests:**

- JWT server cache fix and client response update [\#8](#8) ([NeonDaniel](https://github.com/NeonDaniel))

## [0.0.1a4](https://github.com/NeonGeckoCom/neon-hana/tree/0.0.1a4) (2024-01-22)

[Full Changelog](0.0.1a3...0.0.1a4)

**Merged pull requests:**

- Default disable email service with note in docs explaining rationale [\#4](#4) ([NeonDaniel](https://github.com/NeonDaniel))

## [0.0.1a3](https://github.com/NeonGeckoCom/neon-hana/tree/0.0.1a3) (2024-01-22)

[Full Changelog](0.0.1a2...0.0.1a3)

**Merged pull requests:**

- Add `assist` route for HTTP requests [\#3](#3) ([NeonDaniel](https://github.com/NeonDaniel))

## [0.0.1a2](https://github.com/NeonGeckoCom/neon-hana/tree/0.0.1a2) (2024-01-19)

[Full Changelog](885ec6e...0.0.1a2)

**Merged pull requests:**

- Fix path errors in test build automation [\#2](#2) ([NeonDaniel](https://github.com/NeonDaniel))
- Initial Implementation [\#1](#1) ([NeonDaniel](https://github.com/NeonDaniel))

\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*
Description
Make authorization requests per minute param configurable with comparable defaults (6/60 from 3/30)
Document configuration option in README.md
Issues
Other Notes
Follow-up to #8