Skip to content

Rate limiting for websockets

dakkar requested to merge feature/rate-limit-websockets into develop

What does this PR do?

I know this is probably not the prettiest code ever, but it seems to work well enough…

This adds rate limiting to the websockets, both the initial connection and the subsequent messages.

The connection is rate-limited by source IP address regardless of the presence of a valid bearer token, because looking up the user felt too slow. That IP address is very probably wrong, because it doesn't handle reverse proxies! We don't have a FastifyRequest here, only a plain http.IncomingMessage, so that will need fixing.

The rate limits are pretty arbitrary, feel free to propose better ones.

Contribution Guidelines By submitting this merge request, you agree to follow our Contribution Guidelines

  • I agree to follow this project's Contribution Guidelines
  • I have made sure to test this pull request

Merge request reports