Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for per method/subscription rate limits #1

Open
arunoda opened this issue Mar 26, 2015 · 6 comments
Open

Support for per method/subscription rate limits #1

arunoda opened this issue Mar 26, 2015 · 6 comments
Labels
feature

Comments

@arunoda
Copy link
Member

arunoda commented Mar 26, 2015

There are some methods, we need to protect.
So, we need to add per method/subscription rate limits
@Sivli-Embir
Copy link

I would need the reverse. I have 1 semi-admin method that needs to fire often, everything else can be a safe default.

Another really awesome feature would be some way to auto-white list users on a per method basis. My one method should only be used by our invite only users (about 1% total user base). So before those users can use that method they need to authorize, if that fails ignore their traffic. Not sure if this fits Sikka but worth bringing up.

@arunoda
Copy link
Member Author

arunoda commented Mar 26, 2015

Reverse of this also a nice to have.
I think, your other use case is app specific. May be we can have something like that later on.

@Sivli-Embir
Copy link

For my use case I built candid but it does not help against DOS attacks. Maybe some kind of integration could be made. Not sure, I will have to play with sikka to see if that would be reasonable.

@thani-sh
Copy link

Maybe we can have something like allow/deny where user can put some logic.
But I guess it's easy to screw up the apps response time if the they're not
careful.

On Thu, Mar 26, 2015, 22:23 Sivli Kestanous notifications@github.com
wrote:

For my use case I built candid https://atmospherejs.com/kestanous/candid
but it does not help against DOS attacks. Maybe some kind of integration
could be made. Not sure, I will have to play with sikka to see if that
would be reasonable.


Reply to this email directly or view it on GitHub
#1 (comment).

@thani-sh
Copy link 

Sikka.methods.allow (function (name, stats) { return true })

On Fri, Mar 27, 2015, 07:17 Thanish Muhammed mnmtanish@gmail.com wrote:

Maybe we can have something like allow/deny where user can put some logic.
But I guess it's easy to screw up the apps response time if the they're not
careful.

On Thu, Mar 26, 2015, 22:23 Sivli Kestanous notifications@github.com
wrote:

For my use case I built candid
https://atmospherejs.com/kestanous/candid but it does not help against
DOS attacks. Maybe some kind of integration could be made. Not sure, I will
have to play with sikka to see if that would be reasonable.


Reply to this email directly or view it on GitHub
#1 (comment).

@arunoda
Copy link
Member Author

arunoda commented Mar 27, 2015

@mnmtanish It's good.
I want this API to be isolated from JS. May be we can expose a JS api. But not passing functions.
Here's the reason.

Later, we may build a standalone firewall for Sikka. So, we may need to use the same rules without changing anything. And having to write custom code makes Sikka also cost more and stops ways to optimize.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@arunoda @thani-sh @Sivli-Embir