Resource access limit handler

The Access Handler is a web service that stores the Rules user creates. The Rules contains:

• pattern: It can be either an exact explicit url or a regex
• limit: Shows how many times an specific IP can request for an url matched the pattern

Sample rule be like:

{
    "limit":"100/sec",
    "isExactUrl":false,
    "pattern":"/foo/.*",
    "id":1
}

Also this web service recieves logs by the format of:

{
  "url": "example.com/foo",
  "IP": "1.1.1.1"
}

showing the which IP requested for url.

The goal is to check if an specific IP requested more than limit time interval for specific url matched the patterns and inform by 429 Too Many Requests HTTP status.

Let's test how it works step by step:

NOTE: the $URL is url of web service.

1. Create a rule by CREATE rule API and set the limit to a value like 2/min, like:

curl -X CREATE -H "Content-Type: application/json" --data '{"pattern": "example.com/foo/.*", "limit": "2/min"}' -i -- "$URL/apiv1/rules"

2. Try to post log by POST log API for more than 2 times in less 1 minute. The web service must respond you with 200 OK status for 2 first times, and 429 Too Many Requests for more than 2 times of request. Your request should be like below:

curl -X POST -H "Content-Type: application/json" --data '{"url": "example.com/foo/bar", "IP": "1.1.1.1"}' -i -- "$URL/apiv1/logs?"

What we did was creating a rule that shows an specific IP: 1.1.1.1 can view the url: example.com/foo/bar at most for 2 times per minute because this url matched with created rule pattern: /foo/.*.

sudo apt-get install libass-dev libpq-dev postgresql \
    build-essential redis-server redis-tools

NOTE: Highly recommended to use virtual environment. There are some pip packages for this purpose. But I offer you using virtualenvwrapper package.

You can install by 'pip install' and use https by the following way:

pip install git+https://github.com/shayan-7/accesshandler.git

Or you can use SSH:

pip install [email protected]:shayan-7/accesshandler.git

So, your changes will affect instantly on the installed version

cd /path/to/workspace
git clone [email protected]:shayan-7/accesshandler.git
cd accesshandler
pip install -e .

Accesshandler is zero configuration application and there is no extra configuration file needed, but if you want to have your own configuration file, you can make a accesshandler.yml in the following path: ~/.config/accesshandler.yml such as following format:

db:
  url: postgresql://postgres:postgres@localhost/accesshandler_dev
  test_url: postgresql://postgres:postgres@localhost/accesshandler_test
  administrative_url: postgresql://postgres:postgres@localhost/postgres

accesshandler db create --drop --mockup

accesshandler [-c path/to/config.yml] db drop

accesshandler [-c path/to/config.yml] db create

Or, you can add --drop to drop the previously created database: TAKE CARE ABOUT USING THAT

accesshandler [-c path/to/config.yml] db create --drop

accesshandler [-c path/to/config.yml] db schema

To check all tests passing and 100% coverage run the following command:

pip install -r requirements-ci.txt
pytest --cov=accesshandler

Then all the tested APIs generated in <path/to/accesshandler>/data/markdown by Markdown format.

• Gunicorn

$ ./gunicorn

Check out API.md for list of APIs and sample responses.