Skip to content

Rework rate limit factors and add caching (resolves #884)

Hazelnootrequested to merge
fEmber/Sharkey:hazelnoot/884-relax-signin-rate-limit into develop

What does this MR do?

Refactor the rate limit "factor" concept to be calculated directly within SkRateLimiterService. The value is no longer passed in from callers; instead they pass an MiUser object which flows to RoleService. When no user is available (anonymous contexts w/ a hashed IP), the role template value is used. Either way, the resulting policy is used as the factor. This provides a few benefits:

  • Reduced code complexity and duplication.
  • It becomes possible to add memory caching, which resolves a long-standing TODO item.
  • The role template value now applies to anonymous clients.

We also convert the sign-in rate limit to bucket mode, which reduces the amount of waiting required in the event of lockout.

Contribution Guidelines

By submitting this merge request, you agree to follow our Contribution Guidelines

  • I agree to follow this project's Contribution Guidelines
  • I have made sure to test this merge request

Merge request reports