def test_expiry(self, redis):
rate_key = "apilimit:key_a:v1.geolocate:20150101"
maxreq = 100
expire = 1
assert not rate_limit_exceeded(redis, rate_key, maxreq=maxreq, expire=expire)
time.sleep(1.0)
assert not rate_limit_exceeded(redis, rate_key, maxreq=maxreq, expire=expire)
def test_maxrequests(self, redis):
rate_key = "apilimit:key_a:v1.geolocate:20150101"
maxreq = 5
expire = 1
for i in range(maxreq):
assert not rate_limit_exceeded(
redis, rate_key, maxreq=maxreq, expire=expire
)
assert rate_limit_exceeded(redis, rate_key, maxreq=maxreq, expire=expire)
def test_expiry(self, redis):
rate_key = 'apilimit:key_a:v1.geolocate:20150101'
maxreq = 100
expire = 1
assert not rate_limit_exceeded(
redis,
rate_key,
maxreq=maxreq,
expire=expire,
)
time.sleep(1.0)
assert not rate_limit_exceeded(
redis,
rate_key,
maxreq=maxreq,
expire=expire,
)
def test_maxrequests(self, redis):
rate_key = 'apilimit:key_a:v1.geolocate:20150101'
maxreq = 5
expire = 1
for i in range(maxreq):
assert not rate_limit_exceeded(
redis,
rate_key,
maxreq=maxreq,
expire=expire,
)
assert rate_limit_exceeded(
redis,
rate_key,
maxreq=maxreq,
expire=expire,
)
def test_limiter_expiry(self):
rate_key = 'apilimit:key_a:v1.geolocate:20150101'
maxreq = 100
expire = 1
self.assertFalse(rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=maxreq,
expire=expire,
))
time.sleep(1)
self.assertFalse(rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=maxreq,
expire=expire,
))
def _ratelimit_reached(self):
return self.ratelimit and rate_limit_exceeded(
self.redis_client,
self._ratelimit_key(),
maxreq=self.ratelimit,
expire=self.ratelimit_expire,
on_error=True,
)
def test_limiter_maxrequests(self):
rate_key = 'apilimit:key_a:v1.geolocate:20150101'
maxreq = 5
expire = 1
for i in range(maxreq):
self.assertFalse(rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=maxreq,
expire=expire,
))
self.assertTrue(rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=maxreq,
expire=expire,
))
def test_limiter_expiry(self):
rate_key = 'apilimit:key_a:v1.geolocate:20150101'
maxreq = 100
expire = 1
self.assertFalse(rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=maxreq,
expire=expire,
))
time.sleep(1)
self.assertFalse(rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=maxreq,
expire=expire,
))
def _ratelimit_reached(self):
return self.ratelimit and rate_limit_exceeded(
self.redis_client,
self._ratelimit_key(),
maxreq=self.ratelimit,
expire=self.ratelimit_expire,
on_error=True,
)
def test_limiter_maxrequests(self):
rate_key = 'apilimit:key_a:v1.geolocate:20150101'
maxreq = 5
expire = 1
for i in range(maxreq):
self.assertFalse(rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=maxreq,
expire=expire,
))
self.assertTrue(rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=maxreq,
expire=expire,
))
def test_no_limit(self):
rate_key = 'apilimit:key_a:v1.geolocate:20150101'
broken_redis = None
assert not rate_limit_exceeded(
broken_redis,
rate_key,
maxreq=0,
expire=1,
)
def test_no_limit(self):
rate_key = 'apilimit:key_a:v1.geolocate:20150101'
broken_redis = None
assert not rate_limit_exceeded(
broken_redis,
rate_key,
maxreq=0,
expire=1,
)
def check(self):
api_key = None
api_key_text = self.parse_apikey()
skip_check = False
if api_key_text is None:
self.log_count(None, False)
if self.error_on_invalidkey:
raise self.prepare_exception(InvalidAPIKey())
if api_key_text is not None:
try:
session = self.request.db_ro_session
api_key = session.query(ApiKey).get(api_key_text)
except Exception:
# if we cannot connect to backend DB, skip api key check
skip_check = True
self.raven_client.captureException()
if api_key is not None and api_key.should_allow(self.view_type):
self.log_count(api_key.valid_key,
api_key.should_log(self.view_type))
rate_key = 'apilimit:{key}:{path}:{time}'.format(
key=api_key_text,
path=self.metric_path,
time=util.utcnow().strftime('%Y%m%d')
)
should_limit = rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=api_key.maxreq
)
if should_limit:
raise self.prepare_exception(DailyLimitExceeded())
elif skip_check:
pass
else:
if api_key_text is not None:
self.log_count('invalid', False)
if self.error_on_invalidkey:
raise self.prepare_exception(InvalidAPIKey())
# If we failed to look up an ApiKey, create an empty one
# rather than passing None through
api_key = api_key or ApiKey(valid_key=None,
allow_fallback=False,
allow_locate=True)
return self.view(api_key)
def _ratelimit_reached(self, query):
api_key = query.api_key
name = api_key.fallback_name or ''
limit = api_key.fallback_ratelimit or 0
interval = api_key.fallback_ratelimit_interval or 1
ratelimit_key = self._ratelimit_key(name, interval)
return limit and rate_limit_exceeded(
self.redis_client,
ratelimit_key,
maxreq=limit,
expire=interval * 5,
on_error=True,
)
def _ratelimit_reached(self, query):
api_key = query.api_key
name = api_key.fallback_name or ''
limit = api_key.fallback_ratelimit or 0
interval = api_key.fallback_ratelimit_interval or 1
ratelimit_key = self._ratelimit_key(name, interval)
return limit and rate_limit_exceeded(
self.redis_client,
ratelimit_key,
maxreq=limit,
expire=interval * 5,
on_error=True,
)
def check(self):
api_key = None
api_key_text = self.parse_apikey()
skip_check = False
if api_key_text is None:
self.log_count(None, False)
if self.error_on_invalidkey:
raise self.prepare_exception(InvalidAPIKey())
if api_key_text is not None:
try:
session = self.request.db_session
api_key = ApiKey.get(session, api_key_text)
except Exception:
# if we cannot connect to backend DB, skip api key check
skip_check = True
self.raven_client.captureException()
if api_key is not None and api_key.allowed(self.view_type):
self.log_count(api_key.valid_key, True)
rate_key = 'apilimit:{key}:{path}:{time}'.format(
key=api_key_text,
path=self.metric_path,
time=util.utcnow().strftime('%Y%m%d'))
should_limit = rate_limit_exceeded(self.redis_client,
rate_key,
maxreq=api_key.maxreq)
if should_limit:
raise self.prepare_exception(DailyLimitExceeded())
elif skip_check:
pass
else:
if api_key_text is not None:
self.log_count('invalid', False)
if self.error_on_invalidkey:
raise self.prepare_exception(InvalidAPIKey())
# If we failed to look up an ApiKey, create an empty one
# rather than passing None through
api_key = api_key or ApiKey(valid_key=None,
allow_fallback=False,
allow_locate=True,
allow_transfer=False,
store_sample_locate=100,
store_sample_submit=100)
return self.view(api_key)
def check(self):
api_key = None
api_key_text = self.request.GET.get('key', None)
skip_check = False
if api_key_text is None:
self.log_count('none', False)
if self.error_on_invalidkey:
raise self.prepare_exception(InvalidAPIKey())
if api_key_text is not None:
try:
session = self.request.db_ro_session
api_key = session.query(ApiKey).get(api_key_text)
except Exception:
# if we cannot connect to backend DB, skip api key check
skip_check = True
self.raven_client.captureException()
if api_key is not None:
self.log_count(api_key.name, api_key.should_log(self.view_type))
rate_key = 'apilimit:{key}:{path}:{time}'.format(
key=api_key_text,
path=self.metric_path,
time=util.utcnow().strftime('%Y%m%d'))
should_limit = rate_limit_exceeded(self.redis_client,
rate_key,
maxreq=api_key.maxreq)
if should_limit:
raise self.prepare_exception(DailyLimitExceeded())
elif skip_check:
pass
else:
if api_key_text is not None:
self.log_count('invalid', False)
if self.error_on_invalidkey:
raise self.prepare_exception(InvalidAPIKey())
# If we failed to look up an ApiKey, create an empty one
# rather than passing None through
api_key = api_key or ApiKey(valid_key=None)
return self.view(api_key)
def check(self):
api_key = None
api_key_text = self.request.GET.get('key', None)
if api_key_text is None:
self.log_count('none', False)
if self.error_on_invalidkey:
raise InvalidAPIKey()
if api_key_text is not None:
try:
session = self.request.db_ro_session
api_key = session.query(ApiKey).get(api_key_text)
except Exception: # pragma: no cover
# if we cannot connect to backend DB, skip api key check
self.raven_client.captureException()
if api_key is not None:
self.log_count(api_key.name, api_key.log)
rate_key = 'apilimit:{key}:{time}'.format(
key=api_key_text,
time=util.utcnow().strftime('%Y%m%d')
)
should_limit = rate_limit_exceeded(
self.redis_client,
rate_key,
maxreq=api_key.maxreq
)
if should_limit:
raise DailyLimitExceeded()
else:
if api_key_text is not None:
self.log_count('invalid', False)
if self.error_on_invalidkey:
raise InvalidAPIKey()
# If we failed to look up an ApiKey, create an empty one
# rather than passing None through
api_key = api_key or ApiKey(valid_key=None)
return self.view(api_key)