Invert faucet rate limiting

Rate limits needs to be ordered from specific to generic to ensure that a single user will not exhaust the generic limiter before being limited by the more specific. Resolves filecoin-project#517
moyid · Oct 31, 2019 · b9f8add · b9f8add
1 parent 790ac7b
commit b9f8add
Showing 1 changed file with 27 additions and 26 deletions.
diff --git a/cmd/lotus-fountain/main.go b/cmd/lotus-fountain/main.go
@@ -136,29 +136,29 @@ type handler struct {
 }
 
 func (h *handler) send(w http.ResponseWriter, r *http.Request) {
-	// General limiter to allow throttling all messages that can make it into the mpool
-	if !h.limiter.Allow() {
-		http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests)
+	to, err := address.NewFromString(r.FormValue("address"))
+	if err != nil {
+		w.WriteHeader(400)
+		w.Write([]byte(err.Error()))
 		return
 	}
 
-	// Limit based on IP
-	limiter := h.limiter.GetIPLimiter(r.RemoteAddr)
+	// Limit based on wallet address
+	limiter := h.limiter.GetWalletLimiter(to.String())
 	if !limiter.Allow() {
 		http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests)
 		return
 	}
 
-	to, err := address.NewFromString(r.FormValue("address"))
-	if err != nil {
-		w.WriteHeader(400)
-		w.Write([]byte(err.Error()))
+	// Limit based on IP
+	limiter = h.limiter.GetIPLimiter(r.RemoteAddr)
+	if !limiter.Allow() {
+		http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests)
 		return
 	}
 
-	// Limit based on wallet address
-	limiter = h.limiter.GetWalletLimiter(to.String())
-	if !limiter.Allow() {
+	// General limiter to allow throttling all messages that can make it into the mpool
+	if !h.limiter.Allow() {
 		http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests)
 		return
 	}
@@ -181,19 +181,6 @@ func (h *handler) send(w http.ResponseWriter, r *http.Request) {
 }
 
 func (h *handler) mkminer(w http.ResponseWriter, r *http.Request) {
-	// General limiter owner allow throttling all messages that can make it into the mpool
-	if !h.colLimiter.Allow() {
-		http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests)
-		return
-	}
-
-	// Limit based on IP
-	limiter := h.colLimiter.GetIPLimiter(r.RemoteAddr)
-	if !limiter.Allow() {
-		http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests)
-		return
-	}
-
 	owner, err := address.NewFromString(r.FormValue("address"))
 	if err != nil {
 		w.WriteHeader(400)
@@ -215,11 +202,25 @@ func (h *handler) mkminer(w http.ResponseWriter, r *http.Request) {
 	log.Infof("mkactor on %s", owner)
 
 	// Limit based on wallet address
-	limiter = h.colLimiter.GetWalletLimiter(owner.String())
+	limiter := h.colLimiter.GetWalletLimiter(owner.String())
+	if !limiter.Allow() {
+		http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests)
+		return
+	}
+
+	// Limit based on IP
+	limiter = h.colLimiter.GetIPLimiter(r.RemoteAddr)
 	if !limiter.Allow() {
 		http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests)
 		return
 	}
+
+	// General limiter owner allow throttling all messages that can make it into the mpool
+	if !h.colLimiter.Allow() {
+		http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests)
+		return
+	}
+
 	collateral, err := h.api.StatePledgeCollateral(r.Context(), nil)
 	if err != nil {
 		w.WriteHeader(400)