deft phoenix
I want to create rate limiters in Spring Boot project. One should be for authorization and accept 5 requests per minute, the other one should be global and accept 60 requests per minute. They should throttle controller methods.
For example, register of AuthConteoller should have auth rate limiter and list of ListingController should have global rate limiter.
// 4 Authentication & authorization
@Controller
public class AuthController extends BaseController {
// ...
// auth rate limiter here
@GetMapping("/registracija")
public String register(Model model) {
RegisterDTO dto = new RegisterDTO();
model.addAttribute("dto", dto);
// 5 Security logging
logger.info("User 'guest' visited registration page.");
return "auth/register";
}
// Main
@Controller
@RequestMapping("/oglasi")
public class ListingController extends BaseController {
// ...
// global rate limiter here
@GetMapping("")
public String list(Model model, Authentication auth,
@RequestParam(name = "strana", defaultValue = "0", required = false) int pageNum,
@RequestParam(name = "redosled", defaultValue = "noviji", required = false) String order) {
// 4 Authentication & authorization
Object user = currentUser(auth);
Page<Listing> page = listingServ.findAll(pageNum, order);
listModel(model, page, order);
// 5 Security logging
logger.info("User {} viewed all listings.", user);
return "listings/listing_list";
} // [1]
I looked at guides such as these:
https://www.innoq.com/en/blog/2024/02/rate-limiting-with-spring-boot/
https://www.baeldung.com/spring-bucket4j
https://medium.com/@AlexanderObregon/how-spring-boot-implements-rate-limiting-for-apis-918103d6acff
https://www.geeksforgeeks.org/advance-java/implementing-rate-limiting-in-a-spring-boot-application/,
but the methods there are not like how I imagined.
marsh adder