Added audit_only, fault_tolerant flags and option to define custom st…

…atus_code Signed-off-by: Nilesh Bhadana <[email protected]>
dream11 · Jan 11, 2024 · 1000fe8 · 1000fe8
1 parent 9a07a5a
commit 1000fe8
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 2 deletions.
diff --git a/kong/plugins/scalable-rate-limiter/handler.lua b/kong/plugins/scalable-rate-limiter/handler.lua
@@ -72,6 +72,7 @@ function RateLimitingHandler:access(conf)
 
     -- Consumer is identified by ip address or authenticated_credential id
     local identifier, err = get_identifier(conf)
+    local fault_tolerant = conf.fault_tolerant
 
     if err then
         kong.log.err(err)
@@ -88,13 +89,23 @@ function RateLimitingHandler:access(conf)
 
     local usage, stop, err = get_usage(conf, identifier, current_timestamp, limits)
     if err then
+        if not fault_tolerant then
+            return error(err)
+        end
         kong.log.err("failed to get usage: ", tostring(err))
     end
 
     -- If get_usage succeeded and limit has been crossed
     if usage and stop then
-        kong.log.err("API rate limit exceeded")
-        return kong.response.exit(429, { error = { message = conf.error_message }})
+        if conf.limit_by == "service" then
+            kong.log.err("API rate limit exceeded for " .. conf.limit_by .. ":" .. identifier)
+        elseif conf.limit_by == "header" then
+            kong.log.err("API rate limit exceeded for header " .. conf.header_name .. ":" .. identifier)
+        end
+
+        if not conf.audit_only then
+            return kong.response.exit(conf.error_code, { error = { message = conf.error_message }})
+        end
     end
 
     kong.ctx.plugin.timer = function()

diff --git a/kong/plugins/scalable-rate-limiter/schema.lua b/kong/plugins/scalable-rate-limiter/schema.lua
@@ -91,6 +91,29 @@ return {
                             len_min = 0,
                         },
                     },
+                    {
+                        error_code = {
+                            description = "Set a custom error code to return when the rate limit is exceeded.",
+                            type = "number",
+                            default = 429,
+                            gt = 0
+                        },
+                    },
+                    {
+                        fault_tolerant = {
+                            description = "A boolean value that determines if the requests should be proxied even if Kong has troubles connecting a redis. If `true`, requests will be proxied anyway, effectively disabling the rate-limiting function until the data store is working again. If `false`, then the clients will see `500` errors.",
+                            type = "boolean",
+                            required = true,
+                            default = true
+                        },
+                    },
+                    {
+                        audit_only = {
+                            description = "Run the rate-limiter in audit mode only. Enabling this will allow all rate-limited requests to pass through while logging for audit purpose",
+                            type = "boolean",
+                            default = false,
+                        },
+                    },
                     -- {
                     --     use_app_config = {
                     --         type = "boolean",