Class: Rack::Attack

Inherits:

Object

Object
Rack::Attack

show all

Extended by:: Forwardable

Defined in:: lib/rack/attack.rb,
lib/rack/attack/cache.rb,
lib/rack/attack/check.rb,
lib/rack/attack/track.rb,
lib/rack/attack/railtie.rb,
lib/rack/attack/request.rb,
lib/rack/attack/version.rb,
lib/rack/attack/fail2ban.rb,
lib/rack/attack/safelist.rb,
lib/rack/attack/throttle.rb,
lib/rack/attack/allow2ban.rb,
lib/rack/attack/blocklist.rb,
lib/rack/attack/base_proxy.rb,
lib/rack/attack/configuration.rb,
lib/rack/attack/path_normalizer.rb,
lib/rack/attack/store_proxy/dalli_proxy.rb,
lib/rack/attack/store_proxy/redis_proxy.rb,
lib/rack/attack/store_proxy/redis_store_proxy.rb,
lib/rack/attack/store_proxy/mem_cache_store_proxy.rb,
lib/rack/attack/store_proxy/redis_cache_store_proxy.rb,
lib/rack/attack/store_proxy/active_support_redis_store_proxy.rb

Defined Under Namespace

Modules: FallbackPathNormalizer, StoreProxy Classes: Allow2Ban, BaseProxy, Blocklist, Cache, Check, Configuration, Error, Fail2Ban, IncompatibleStoreError, MisconfiguredStoreError, MissingStoreError, Railtie, Request, Safelist, Throttle, Track

Constant Summary collapse

VERSION =

'6.7.0'

PathNormalizer =

if defined?(::ActionDispatch::Journey::Router::Utils)
  # For Rails apps
  ::ActionDispatch::Journey::Router::Utils
else
  FallbackPathNormalizer
end

Class Attribute Summary collapse

.configuration ⇒ Object readonly

Returns the value of attribute configuration.
.enabled ⇒ Object

Returns the value of attribute enabled.
.notifier ⇒ Object

Returns the value of attribute notifier.
.throttle_discriminator_normalizer ⇒ Object

Returns the value of attribute throttle_discriminator_normalizer.

Instance Attribute Summary collapse

#configuration ⇒ Object readonly

Returns the value of attribute configuration.

Class Method Summary collapse

Instance Method Summary collapse

#call(env) ⇒ Object
#initialize(app) ⇒ Attack constructor

A new instance of Attack.

Constructor Details

#initialize(app) ⇒ `Attack`

Returns a new instance of Attack.

# File 'lib/rack/attack.rb', line 97

def initialize(app)
  @app = app
  @configuration = self.class.configuration
end

Class Attribute Details

.configuration ⇒ `Object` (readonly)

Returns the value of attribute configuration.



35
36
37

# File 'lib/rack/attack.rb', line 35

def configuration
  @configuration
end

.enabled ⇒ `Object`

Returns the value of attribute enabled.



34
35
36

# File 'lib/rack/attack.rb', line 34

def enabled
  @enabled
end

.notifier ⇒ `Object`

Returns the value of attribute notifier.



34
35
36

# File 'lib/rack/attack.rb', line 34

def notifier
  @notifier
end

.throttle_discriminator_normalizer ⇒ `Object`

Returns the value of attribute throttle_discriminator_normalizer.



34
35
36

# File 'lib/rack/attack.rb', line 34

def throttle_discriminator_normalizer
  @throttle_discriminator_normalizer
end

Instance Attribute Details

#configuration ⇒ `Object` (readonly)

Returns the value of attribute configuration.



95
96
97

# File 'lib/rack/attack.rb', line 95

def configuration
  @configuration
end

Class Method Details

.cache ⇒ `Object`



47
48
49

# File 'lib/rack/attack.rb', line 47

def cache
  @cache ||= Cache.new
end

.clear! ⇒ `Object`

# File 'lib/rack/attack.rb', line 51

def clear!
  warn "[DEPRECATION] Rack::Attack.clear! is deprecated. Please use Rack::Attack.clear_configuration instead"
  @configuration.clear_configuration
end

.instrument(request) ⇒ `Object`

# File 'lib/rack/attack.rb', line 37

def instrument(request)
  if notifier
    event_type = request.env["rack.attack.match_type"]
    notifier.instrument("#{event_type}.rack_attack", request: request)

    # Deprecated: Keeping just for backwards compatibility
    notifier.instrument("rack.attack", request: request)
  end
end

.reset! ⇒ `Object`



56
57
58

# File 'lib/rack/attack.rb', line 56

def reset!
  cache.reset!
end

Instance Method Details

#call(env) ⇒ `Object`

# File 'lib/rack/attack.rb', line 102

def call(env)
  return @app.call(env) if !self.class.enabled || env["rack.attack.called"]

  env["rack.attack.called"] = true
  env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO'])
  request = Rack::Attack::Request.new(env)

  if configuration.safelisted?(request)
    @app.call(env)
  elsif configuration.blocklisted?(request)
    # Deprecated: Keeping blocklisted_response for backwards compatibility
    if configuration.blocklisted_response
      configuration.blocklisted_response.call(env)
    else
      configuration.blocklisted_responder.call(request)
    end
  elsif configuration.throttled?(request)
    # Deprecated: Keeping throttled_response for backwards compatibility
    if configuration.throttled_response
      configuration.throttled_response.call(env)
    else
      configuration.throttled_responder.call(request)
    end
  else
    configuration.tracked?(request)
    @app.call(env)
  end
end

Class: Rack::Attack

Defined Under Namespace

Constant Summary collapse

Class Attribute Summary collapse

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(app) ⇒ Attack

Class Attribute Details

.configuration ⇒ Object (readonly)

.enabled ⇒ Object

.notifier ⇒ Object

.throttle_discriminator_normalizer ⇒ Object