
Commit e28b8c8

committed
fix: Wrong bucket4j configuration - Fixes #102
- Replace default `429 (Too Many Requests)` message; - Increase `MAINTAINER` capacity; - Remove deprecated methods; - Add dynamic version syntax to auth path
1 parent a83685a commit e28b8c8

1 file changed

Lines changed: 41 additions & 61 deletions


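--- a/src/main/resources/bucket4j.properties
+++ b/src/main/resources/bucket4j.properties
@@ -2,79 +2,59 @@
 
 ## Bucket4j
 bucket4j.enabled=true
-
-### Global (ROLE_ANONYMOUS)
 bucket4j.filters[0].cache-name=buckets
 bucket4j.filters[0].url=/api.*
-bucket4j.filters[0].strategy=all
+bucket4j.filters[0].strategy=first
 bucket4j.filters[0].filter-order=0
+bucket4j.filters[0].http-response-body={"code": 429, "status": "Too Many Requests", "method": "GET", "cause": "You have exhausted your API request quota", "message": "See more on: ${hawapi.docs}/guides/rate-limiting"}
+
+### Global (ROLE_ANONYMOUS)
 bucket4j.filters[0].rate-limits[0].cache-key=getRemoteAddr()
+bucket4j.filters[0].rate-limits[0].execute-condition=@authServiceImpl.getRole() == 'ROLE_ANONYMOUS'
 bucket4j.filters[0].rate-limits[0].bandwidths[0].capacity=4
 bucket4j.filters[0].rate-limits[0].bandwidths[0].time=1
 bucket4j.filters[0].rate-limits[0].bandwidths[0].unit=minutes
-bucket4j.filters[0].rate-limits[0].bandwidths[0].fixed-refill-interval=0
-bucket4j.filters[0].rate-limits[0].bandwidths[0].fixed-refill-interval-unit=minutes
-
-### Global (Auth - ROLE_ANONYMOUS)
-bucket4j.filters[1].cache-name=buckets
-bucket4j.filters[1].url=/api/auth.*
-bucket4j.filters[1].strategy=all
-bucket4j.filters[1].filter-order=0
-bucket4j.filters[1].rate-limits[0].cache-key=getRemoteAddr()
-bucket4j.filters[1].rate-limits[0].bandwidths[0].capacity=3
-bucket4j.filters[1].rate-limits[0].bandwidths[0].time=12
-bucket4j.filters[1].rate-limits[0].bandwidths[0].unit=hours
-bucket4j.filters[1].rate-limits[0].bandwidths[0].fixed-refill-interval=0
-bucket4j.filters[1].rate-limits[0].bandwidths[0].fixed-refill-interval-unit=minutes
+bucket4j.filters[0].rate-limits[0].bandwidths[0].refill-speed=greedy
 
 ### Dev (ROLE_BASIC)
-bucket4j.filters[2].cache-name=buckets
-bucket4j.filters[2].url=.*
-bucket4j.filters[2].strategy=all
-bucket4j.filters[2].filter-order=1
-bucket4j.filters[2].rate-limits[0].cache-key=@authServiceImplImpl.getRole()
-bucket4j.filters[2].rate-limits[0].execute-condition=@authServiceImpl.getRole() == 'ROLE_BASIC'
-bucket4j.filters[2].rate-limits[0].bandwidths[0].capacity=6
-bucket4j.filters[2].rate-limits[0].bandwidths[0].time=1
-bucket4j.filters[2].rate-limits[0].bandwidths[0].unit=minutes
-bucket4j.filters[2].rate-limits[0].bandwidths[0].fixed-refill-interval=0
-bucket4j.filters[2].rate-limits[0].bandwidths[0].fixed-refill-interval-unit=minutes
+bucket4j.filters[0].rate-limits[1].cache-key=getRemoteAddr()
+bucket4j.filters[0].rate-limits[1].execute-condition=@authServiceImpl.getRole() == 'ROLE_BASIC'
+bucket4j.filters[0].rate-limits[1].bandwidths[0].capacity=6
+bucket4j.filters[0].rate-limits[1].bandwidths[0].time=1
+bucket4j.filters[0].rate-limits[1].bandwidths[0].unit=minutes
+bucket4j.filters[0].rate-limits[1].bandwidths[0].refill-speed=greedy
 
 ### Dev (ROLE_DEV)
-bucket4j.filters[3].cache-name=buckets
-bucket4j.filters[3].url=.*
-bucket4j.filters[3].strategy=all
-bucket4j.filters[3].filter-order=2
-bucket4j.filters[3].rate-limits[0].cache-key=@authServiceImpl.getRole()
-bucket4j.filters[3].rate-limits[0].execute-condition=@authServiceImpl.getRole() == 'ROLE_DEV'
-bucket4j.filters[3].rate-limits[0].bandwidths[0].capacity=8
-bucket4j.filters[3].rate-limits[0].bandwidths[0].time=1
-bucket4j.filters[3].rate-limits[0].bandwidths[0].unit=minutes
-bucket4j.filters[3].rate-limits[0].bandwidths[0].fixed-refill-interval=0
-bucket4j.filters[3].rate-limits[0].bandwidths[0].fixed-refill-interval-unit=minutes
+bucket4j.filters[0].rate-limits[2].cache-key=getRemoteAddr()
+bucket4j.filters[0].rate-limits[2].execute-condition=@authServiceImpl.getRole() == 'ROLE_DEV'
+bucket4j.filters[0].rate-limits[2].bandwidths[0].capacity=8
+bucket4j.filters[0].rate-limits[2].bandwidths[0].time=1
+bucket4j.filters[0].rate-limits[2].bandwidths[0].unit=minutes
+bucket4j.filters[0].rate-limits[2].bandwidths[0].refill-speed=greedy
 
 ### Maintainer (ROLE_MAINTAINER)
-bucket4j.filters[4].cache-name=buckets
-bucket4j.filters[4].url=.*
-bucket4j.filters[4].strategy=all
-bucket4j.filters[4].filter-order=2
-bucket4j.filters[4].rate-limits[0].cache-key=@authServiceImpl.getRole()
-bucket4j.filters[4].rate-limits[0].execute-condition=@authServiceImpl.getRole() == 'ROLE_MAINTAINER'
-bucket4j.filters[4].rate-limits[0].bandwidths[0].capacity=12
-bucket4j.filters[4].rate-limits[0].bandwidths[0].time=1
-bucket4j.filters[4].rate-limits[0].bandwidths[0].unit=minutes
-bucket4j.filters[4].rate-limits[0].bandwidths[0].fixed-refill-interval=0
-bucket4j.filters[4].rate-limits[0].bandwidths[0].fixed-refill-interval-unit=minutes
+bucket4j.filters[0].rate-limits[3].cache-key=getRemoteAddr()
+bucket4j.filters[0].rate-limits[3].execute-condition=@authServiceImpl.getRole() == 'ROLE_MAINTAINER'
+bucket4j.filters[0].rate-limits[3].bandwidths[0].capacity=30
+bucket4j.filters[0].rate-limits[3].bandwidths[0].time=1
+bucket4j.filters[0].rate-limits[3].bandwidths[0].unit=minutes
+bucket4j.filters[0].rate-limits[3].bandwidths[0].refill-speed=greedy
 
 ### Admin (ROLE_ADMIN)
-bucket4j.filters[5].cache-name=buckets
-bucket4j.filters[5].url=.*
-bucket4j.filters[5].strategy=all
-bucket4j.filters[5].filter-order=3
-bucket4j.filters[5].rate-limits[0].cache-key=@authServiceImpl.getRole()
-bucket4j.filters[5].rate-limits[0].execute-condition=@authServiceImpl.getRole() == 'ROLE_ADMIN'
-bucket4j.filters[5].rate-limits[0].bandwidths[0].capacity=60
-bucket4j.filters[5].rate-limits[0].bandwidths[0].time=1
-bucket4j.filters[5].rate-limits[0].bandwidths[0].unit=minutes
-bucket4j.filters[5].rate-limits[0].bandwidths[0].fixed-refill-interval=0
-bucket4j.filters[5].rate-limits[0].bandwidths[0].fixed-refill-interval-unit=minutes
+bucket4j.filters[0].rate-limits[4].cache-key=getRemoteAddr()
+bucket4j.filters[0].rate-limits[4].skip-condition=@authServiceImpl.getRole() == 'ROLE_ADMIN'
+bucket4j.filters[0].rate-limits[4].bandwidths[0].capacity=60
+bucket4j.filters[0].rate-limits[4].bandwidths[0].time=1
+bucket4j.filters[0].rate-limits[4].bandwidths[0].unit=minutes
+bucket4j.filters[0].rate-limits[4].bandwidths[0].refill-speed=greedy
+
+### Global (Auth - ALL ROLES)
+bucket4j.filters[1].cache-name=buckets
+bucket4j.filters[1].url=/api/(v[1-9])/auth.*
+bucket4j.filters[1].strategy=first
+bucket4j.filters[1].filter-order=1
+bucket4j.filters[0].http-response-body={"code": 429, "status": "Too Many Requests", "method": "GET", "cause": "You have exhausted your API request quota", "message": "See more on: ${hawapi.docs}/guides/rate-limiting"}
+bucket4j.filters[1].rate-limits[0].bandwidths[0].capacity=3
+bucket4j.filters[1].rate-limits[0].bandwidths[0].time=12
+bucket4j.filters[1].rate-limits[0].bandwidths[0].unit=hours
+bucket4j.filters[1].rate-limits[0].bandwidths[0].refill-speed=greedy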
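Review bot: The new `filters[1]` auth block (new lines 52-60) no longer sets a `cache-key`, which the removed auth filter had, so unless the starter defaults to a per-client key the 3-requests-per-12-hours bucket is probably shared by every caller and one client can use up the auth quota for all users; add `bucket4j.filters[1].rate-limits[0].cache-key=getRemoteAddr()`. In the same block, new line 56 assigns `bucket4j.filters[0].http-response-body` a second time where `bucket4j.filters[1].http-response-body` was presumably meant, so the auth filter would still answer with the default 429 body. On `rate-limits[4]`, `skip-condition` exempts ROLE_ADMIN from limiting altogether and, as I read the `first` strategy, leaves the 60-per-minute bucket as the fallback for any role the four rules above do not match; confirm that `execute-condition` was not intended. Every bucket is keyed on `getRemoteAddr()`, so it is also worth confirming that the servlet sees the real client address when the API sits behind a reverse proxy, and that no unversioned `/api/auth` route remains reachable outside the `/api/(v[1-9])/auth.*` pattern.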
