流星:使用ddp-rate-limiter程序包限制DDP连接 [英] Meteor: Limiting DDP Connections with ddp-rate-limiter package
问题描述
我试图防止用户使用Meteor软件包 ddp-rate-limiter
经常调用Meteor方法(例如,防止垃圾邮件或DOS攻击),但我无法使其正常工作。
I am trying to prevent a user to be able to call a Meteor method too often with the Meteor package ddp-rate-limiter
(For example to prevent spamming or a DOS attack), but I can not get it to work.
有人有想法吗?
server / ddpRateLimiter.js:
server/ddpRateLimiter.js:
Meteor.methods({
dosAttack: function() {console.log("dos");}
});
var preventDosAttack= {
userId: function() {return true;},
type: 'method',
method: 'dosAttack'
}
DDPRateLimiter.addRule(preventDosAttack, 5, 1000);
使用此代码,我仍然可以运行该方法可以从客户端控制台中进行多次操作。 (使用for循环测试了100次)
With this code I can still run the method from the client console as often as I want to. (Tested with a for loop 100 times)
您可以在此处找到完整的源代码:开源项目
You can find the entire sourcecode here: opensource project
在此处执行以下操作:提交
And this certain commit here: commit
非常感谢您的帮助,
Max
推荐答案
我的错误很简单:不是'method':'dosAttack'
,但'name':'dosAttack'
。好像文档 MeteorDoc DDPRateLimiter 中的示例一样,也会犯同样的错误。我在流星GitHub页面上创建了问题
My mistake is simple: It is not 'method': 'dosAttack'
but 'name': 'dosAttack'
. Seems like the example in the documentation MeteorDoc DDPRateLimiter does the same mistake. I created an issue on the meteor GitHub page
这篇关于流星:使用ddp-rate-limiter程序包限制DDP连接的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!