class Rack::Attack

Constants

PathNormalizer
VERSION

Attributes

configuration[R]
enabled[RW]
notifier[RW]
throttle_discriminator_normalizer[RW]
configuration[R]

Public Class Methods

cache() click to toggle source
# File lib/rack/attack.rb, line 47
def cache
  @cache ||= Cache.new
end
clear!() click to toggle source
# File lib/rack/attack.rb, line 51
def clear!
  warn "[DEPRECATION] Rack::Attack.clear! is deprecated. Please use Rack::Attack.clear_configuration instead"
  @configuration.clear_configuration
end
instrument(request) click to toggle source
# File lib/rack/attack.rb, line 37
def instrument(request)
  if notifier
    event_type = request.env["rack.attack.match_type"]
    notifier.instrument("#{event_type}.rack_attack", request: request)

    # Deprecated: Keeping just for backwards compatibility
    notifier.instrument("rack.attack", request: request)
  end
end
new(app) click to toggle source
# File lib/rack/attack.rb, line 97
def initialize(app)
  @app = app
  @configuration = self.class.configuration
end
reset!() click to toggle source
# File lib/rack/attack.rb, line 56
def reset!
  cache.reset!
end

Public Instance Methods

call(env) click to toggle source
# File lib/rack/attack.rb, line 102
def call(env)
  return @app.call(env) if !self.class.enabled || env["rack.attack.called"]

  env["rack.attack.called"] = true
  env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO'])
  request = Rack::Attack::Request.new(env)

  if configuration.safelisted?(request)
    @app.call(env)
  elsif configuration.blocklisted?(request)
    # Deprecated: Keeping blocklisted_response for backwards compatibility
    if configuration.blocklisted_response
      configuration.blocklisted_response.call(env)
    else
      configuration.blocklisted_responder.call(request)
    end
  elsif configuration.throttled?(request)
    # Deprecated: Keeping throttled_response for backwards compatibility
    if configuration.throttled_response
      configuration.throttled_response.call(env)
    else
      configuration.throttled_responder.call(request)
    end
  else
    configuration.tracked?(request)
    @app.call(env)
  end
end