22
33# # Bucket4j
44bucket4j.enabled =true
5-
6- # ## Global (ROLE_ANONYMOUS)
75bucket4j.filters[0].cache-name =buckets
86bucket4j.filters[0].url =/api.*
9- bucket4j.filters[0].strategy =all
7+ bucket4j.filters[0].strategy =first
108bucket4j.filters[0].filter-order =0
9+ bucket4j.filters[0].http-response-body ={"code": 429, "status": "Too Many Requests", "method": "GET", "cause": "You have exhausted your API request quota", "message": "See more on: ${hawapi.docs}/guides/rate-limiting"}
10+
11+ # ## Global (ROLE_ANONYMOUS)
1112bucket4j.filters[0].rate-limits[0].cache-key =getRemoteAddr()
13+ bucket4j.filters[0].rate-limits[0].execute-condition =@authServiceImpl.getRole() == 'ROLE_ANONYMOUS'
1214bucket4j.filters[0].rate-limits[0].bandwidths[0].capacity =4
1315bucket4j.filters[0].rate-limits[0].bandwidths[0].time =1
1416bucket4j.filters[0].rate-limits[0].bandwidths[0].unit =minutes
15- bucket4j.filters[0].rate-limits[0].bandwidths[0].fixed-refill-interval =0
16- bucket4j.filters[0].rate-limits[0].bandwidths[0].fixed-refill-interval-unit =minutes
17-
18- # ## Global (Auth - ROLE_ANONYMOUS)
19- bucket4j.filters[1].cache-name =buckets
20- bucket4j.filters[1].url =/api/auth.*
21- bucket4j.filters[1].strategy =all
22- bucket4j.filters[1].filter-order =0
23- bucket4j.filters[1].rate-limits[0].cache-key =getRemoteAddr()
24- bucket4j.filters[1].rate-limits[0].bandwidths[0].capacity =3
25- bucket4j.filters[1].rate-limits[0].bandwidths[0].time =12
26- bucket4j.filters[1].rate-limits[0].bandwidths[0].unit =hours
27- bucket4j.filters[1].rate-limits[0].bandwidths[0].fixed-refill-interval =0
28- bucket4j.filters[1].rate-limits[0].bandwidths[0].fixed-refill-interval-unit =minutes
17+ bucket4j.filters[0].rate-limits[0].bandwidths[0].refill-speed =greedy
2918
3019# ## Dev (ROLE_BASIC)
31- bucket4j.filters[2].cache-name =buckets
32- bucket4j.filters[2].url =.*
33- bucket4j.filters[2].strategy =all
34- bucket4j.filters[2].filter-order =1
35- bucket4j.filters[2].rate-limits[0].cache-key =@authServiceImplImpl.getRole()
36- bucket4j.filters[2].rate-limits[0].execute-condition =@authServiceImpl.getRole() == 'ROLE_BASIC'
37- bucket4j.filters[2].rate-limits[0].bandwidths[0].capacity =6
38- bucket4j.filters[2].rate-limits[0].bandwidths[0].time =1
39- bucket4j.filters[2].rate-limits[0].bandwidths[0].unit =minutes
40- bucket4j.filters[2].rate-limits[0].bandwidths[0].fixed-refill-interval =0
41- bucket4j.filters[2].rate-limits[0].bandwidths[0].fixed-refill-interval-unit =minutes
20+ bucket4j.filters[0].rate-limits[1].cache-key =getRemoteAddr()
21+ bucket4j.filters[0].rate-limits[1].execute-condition =@authServiceImpl.getRole() == 'ROLE_BASIC'
22+ bucket4j.filters[0].rate-limits[1].bandwidths[0].capacity =6
23+ bucket4j.filters[0].rate-limits[1].bandwidths[0].time =1
24+ bucket4j.filters[0].rate-limits[1].bandwidths[0].unit =minutes
25+ bucket4j.filters[0].rate-limits[1].bandwidths[0].refill-speed =greedy
4226
4327# ## Dev (ROLE_DEV)
44- bucket4j.filters[3].cache-name =buckets
45- bucket4j.filters[3].url =.*
46- bucket4j.filters[3].strategy =all
47- bucket4j.filters[3].filter-order =2
48- bucket4j.filters[3].rate-limits[0].cache-key =@authServiceImpl.getRole()
49- bucket4j.filters[3].rate-limits[0].execute-condition =@authServiceImpl.getRole() == 'ROLE_DEV'
50- bucket4j.filters[3].rate-limits[0].bandwidths[0].capacity =8
51- bucket4j.filters[3].rate-limits[0].bandwidths[0].time =1
52- bucket4j.filters[3].rate-limits[0].bandwidths[0].unit =minutes
53- bucket4j.filters[3].rate-limits[0].bandwidths[0].fixed-refill-interval =0
54- bucket4j.filters[3].rate-limits[0].bandwidths[0].fixed-refill-interval-unit =minutes
28+ bucket4j.filters[0].rate-limits[2].cache-key =getRemoteAddr()
29+ bucket4j.filters[0].rate-limits[2].execute-condition =@authServiceImpl.getRole() == 'ROLE_DEV'
30+ bucket4j.filters[0].rate-limits[2].bandwidths[0].capacity =8
31+ bucket4j.filters[0].rate-limits[2].bandwidths[0].time =1
32+ bucket4j.filters[0].rate-limits[2].bandwidths[0].unit =minutes
33+ bucket4j.filters[0].rate-limits[2].bandwidths[0].refill-speed =greedy
5534
5635# ## Maintainer (ROLE_MAINTAINER)
57- bucket4j.filters[4].cache-name =buckets
58- bucket4j.filters[4].url =.*
59- bucket4j.filters[4].strategy =all
60- bucket4j.filters[4].filter-order =2
61- bucket4j.filters[4].rate-limits[0].cache-key =@authServiceImpl.getRole()
62- bucket4j.filters[4].rate-limits[0].execute-condition =@authServiceImpl.getRole() == 'ROLE_MAINTAINER'
63- bucket4j.filters[4].rate-limits[0].bandwidths[0].capacity =12
64- bucket4j.filters[4].rate-limits[0].bandwidths[0].time =1
65- bucket4j.filters[4].rate-limits[0].bandwidths[0].unit =minutes
66- bucket4j.filters[4].rate-limits[0].bandwidths[0].fixed-refill-interval =0
67- bucket4j.filters[4].rate-limits[0].bandwidths[0].fixed-refill-interval-unit =minutes
36+ bucket4j.filters[0].rate-limits[3].cache-key =getRemoteAddr()
37+ bucket4j.filters[0].rate-limits[3].execute-condition =@authServiceImpl.getRole() == 'ROLE_MAINTAINER'
38+ bucket4j.filters[0].rate-limits[3].bandwidths[0].capacity =30
39+ bucket4j.filters[0].rate-limits[3].bandwidths[0].time =1
40+ bucket4j.filters[0].rate-limits[3].bandwidths[0].unit =minutes
41+ bucket4j.filters[0].rate-limits[3].bandwidths[0].refill-speed =greedy
6842
6943# ## Admin (ROLE_ADMIN)
70- bucket4j.filters[5].cache-name =buckets
71- bucket4j.filters[5].url =.*
72- bucket4j.filters[5].strategy =all
73- bucket4j.filters[5].filter-order =3
74- bucket4j.filters[5].rate-limits[0].cache-key =@authServiceImpl.getRole()
75- bucket4j.filters[5].rate-limits[0].execute-condition =@authServiceImpl.getRole() == 'ROLE_ADMIN'
76- bucket4j.filters[5].rate-limits[0].bandwidths[0].capacity =60
77- bucket4j.filters[5].rate-limits[0].bandwidths[0].time =1
78- bucket4j.filters[5].rate-limits[0].bandwidths[0].unit =minutes
79- bucket4j.filters[5].rate-limits[0].bandwidths[0].fixed-refill-interval =0
80- bucket4j.filters[5].rate-limits[0].bandwidths[0].fixed-refill-interval-unit =minutes
44+ bucket4j.filters[0].rate-limits[4].cache-key =getRemoteAddr()
45+ bucket4j.filters[0].rate-limits[4].skip-condition =@authServiceImpl.getRole() == 'ROLE_ADMIN'
46+ bucket4j.filters[0].rate-limits[4].bandwidths[0].capacity =60
47+ bucket4j.filters[0].rate-limits[4].bandwidths[0].time =1
48+ bucket4j.filters[0].rate-limits[4].bandwidths[0].unit =minutes
49+ bucket4j.filters[0].rate-limits[4].bandwidths[0].refill-speed =greedy
50+
51+ # ## Global (Auth - ALL ROLES)
52+ bucket4j.filters[1].cache-name =buckets
53+ bucket4j.filters[1].url =/api/(v[1-9])/auth.*
54+ bucket4j.filters[1].strategy =first
55+ bucket4j.filters[1].filter-order =1
56+ bucket4j.filters[0].http-response-body ={"code": 429, "status": "Too Many Requests", "method": "GET", "cause": "You have exhausted your API request quota", "message": "See more on: ${hawapi.docs}/guides/rate-limiting"}
57+ bucket4j.filters[1].rate-limits[0].bandwidths[0].capacity =3
58+ bucket4j.filters[1].rate-limits[0].bandwidths[0].time =12
59+ bucket4j.filters[1].rate-limits[0].bandwidths[0].unit =hours
60+ bucket4j.filters[1].rate-limits[0].bandwidths[0].refill-speed =greedy
0 commit comments