mirror of
https://github.com/lightninglabs/aperture.git
synced 2026-02-15 14:34:28 +01:00
a3ee1e0d17
Implement a token-bucket rate limiter for aperture that limits requests per service endpoint. The rate limiter uses golang.org/x/time/rate and provides per-key limiting with L402 token ID extraction (falling back to IP address for unauthenticated requests). Key components: - RateLimitConfig: Configuration struct with path regex, requests/per/burst - RateLimiter: Manages per-key rate.Limiter instances with LRU eviction to prevent memory exhaustion (default 10,000 entries) - Prometheus metrics: allowed/denied counters, cache size, evictions This addresses GitHub issue #200 for DoS protection on authenticated endpoints that are free of charge after L402 payment.