Changes

2026-05-12 09:56:43 +03:00
parent cabf240397
commit 3cd6a3cf43
4 changed files with 74 additions and 31 deletions
@@ -1,17 +1,26 @@
 using System.Threading.RateLimiting;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
+using Shared.Models.Settings;

 namespace StartupHelpers;

 public static class RateLimitingExtensions
 {
-    public static void AddPublicApiRateLimiting(this IServiceCollection services)
+    public static void AddPublicApiRateLimiting(
+        this IServiceCollection services,
+        IConfiguration configuration,
+        string sectionName = "RateLimiting")
    {
+        var settings = configuration.GetSection(sectionName).Get<RateLimitingSettings>()
+                       ?? new RateLimitingSettings();
+
        services.AddRateLimiter(options =>
        {
+            var global = settings.Global ?? new RateLimitPolicySettings();
            options.GlobalLimiter = PartitionedRateLimiter.Create<HttpContext, string>(httpContext =>
            {
                var ip = httpContext.Connection.RemoteIpAddress?.ToString() ?? "unknown";
@@ -19,40 +28,32 @@ public static class RateLimitingExtensions
                    partitionKey: ip,
                    factory: _ => new FixedWindowRateLimiterOptions
                    {
-                        PermitLimit = 120,
-                        Window = TimeSpan.FromMinutes(1),
-                        QueueLimit = 0,
-                        AutoReplenishment = true
+                        PermitLimit = global.PermitLimit,
+                        Window = global.Window,
+                        QueueLimit = global.QueueLimit,
+                        AutoReplenishment = global.AutoReplenishment
                    });
            });

-            options.AddPolicy("contact", httpContext =>
+            foreach (var entry in settings.Policies)
            {
-                var ip = httpContext.Connection.RemoteIpAddress?.ToString() ?? "unknown";
-                return RateLimitPartition.GetFixedWindowLimiter(
-                    partitionKey: ip,
-                    factory: _ => new FixedWindowRateLimiterOptions
-                    {
-                        PermitLimit = 5,
-                        Window = TimeSpan.FromMinutes(1),
-                        QueueLimit = 0,
-                        AutoReplenishment = true
-                    });
-            });
+                var policyName = entry.Key;
+                var policy = entry.Value ?? new RateLimitPolicySettings();

-            options.AddPolicy("cv-matcher", httpContext =>
-            {
-                var ip = httpContext.Connection.RemoteIpAddress?.ToString() ?? "unknown";
-                return RateLimitPartition.GetFixedWindowLimiter(
-                    partitionKey: ip,
-                    factory: _ => new FixedWindowRateLimiterOptions
-                    {
-                        PermitLimit = 10,
-                        Window = TimeSpan.FromMinutes(10),
-                        QueueLimit = 0,
-                        AutoReplenishment = true
-                    });
-            });
+                options.AddPolicy(policyName, httpContext =>
+                {
+                    var ip = httpContext.Connection.RemoteIpAddress?.ToString() ?? "unknown";
+                    return RateLimitPartition.GetFixedWindowLimiter(
+                        partitionKey: ip,
+                        factory: _ => new FixedWindowRateLimiterOptions
+                        {
+                            PermitLimit = policy.PermitLimit,
+                            Window = policy.Window,
+                            QueueLimit = policy.QueueLimit,
+                            AutoReplenishment = policy.AutoReplenishment
+                        });
+                });
+            }

            options.RejectionStatusCode = StatusCodes.Status429TooManyRequests;
            options.OnRejected = async (context, ct) =>