Skip to content

Rate Limiting #387

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from
Open

Rate Limiting #387

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d29aeaa
feature/Handle OAuth session expired issue
constantine2nd Sep 3, 2025
09d9678
feature/Add development docker compose
constantine2nd Sep 3, 2025
4be2283
feature/Add edit/show rate limiting feature
constantine2nd Sep 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 2 additions & 3 deletions apimanager/base/context_processors.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@

def api_version_processor(request):
"""Returns the configured API_VERSION"""
return {'API_VERSION': settings.API_VERSION['v500']}
return {'API_VERSION': settings.API_VERSION['v510']}


def portal_page(request):
Expand Down Expand Up @@ -82,7 +82,7 @@ def api_user_id(request):
"""Returns the API user id of the logged-in user"""
user_id = 'not authenticated'
get_current_user_api_url = USER_CURRENT
#Here we can not get the user from obp-api side, so we use the django auth user id here.
#Here we can not get the user from obp-api side, so we use the django auth user id here.
cache_key_django_user_id = request.session._session.get('_auth_user_id')
cache_key = '{},{},{}'.format('api_user_id',get_current_user_api_url, cache_key_django_user_id)
apicaches=None
Expand Down Expand Up @@ -112,4 +112,3 @@ def api_tester_url(request):
"""Returns the URL to the API Tester for the API instance"""
url = getattr(settings, 'API_TESTER_URL', None)
return {'API_TESTER_URL': url}

160 changes: 91 additions & 69 deletions apimanager/base/templates/home.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,73 +1,95 @@
{% extends 'base.html' %}
{% load i18n %}
{% block content %}
{% extends 'base.html' %} {% load i18n %} {% block content %}
<div class="home">
<h1>{% trans "Welcome to API Manager" %}</h1>
<div class="well" id="intro">
{% if not user.is_authenticated %}
<p>
{% trans "API Manager allows you to manage some aspects of the OBP instance at " %} <a href="{{ API_HOST }}">{{ API_HOST }}</a>. {% trans "You have to " %} <a href="{{ API_HOST }}" title="Login at {{ API_HOST }}"> {% trans "login" %} </a> {% trans "or" %} <a href="{{ API_HOST }}/user_mgt/sign_up" title="Register at {{ API_HOST }}"> {% trans "register" %} </a> {% trans "an account before being able to proceed" %}.{% trans "Your access is limited by the Entitlements you have." %}
</p>
{% else %}
<p>
{% trans "API Manager allows you to manage some aspects of the OBP instance at " %} <a href="{{ API_HOST }}">{{ API_HOST }}</a>.
</p>
{% endif %}
</div>
{% if not user.is_authenticated %}
<div id="login">
<label for="authentication-select"><h2>{% trans "Authenticate" %}</h2></label>
<div class="row">
<div class="col-xs-12 col-sm-3">
<select class="form-control" id="authentication-select">
<option value="">{% trans "Choose ..." %}</option>
<option value="oauth">OAuth 1/OpenID Connect</option>
{% if ALLOW_DIRECT_LOGIN %}
<option value="directlogin" >DirectLogin</option>
{% endif %}
{% if ALLOW_GATEWAY_LOGIN %}
<option value="gatewaylogin" >GatewayLogin</option>
{% endif %}
</select>
</div>

<div class="col-xs-12 col-sm-9">
<div class="authentication-method" id="authenticate-oauth">
<a class="btn btn-primary" href="{% url 'oauth-initiate' %}{% if request.GET.next %}?next={{ request.GET.next }}{% endif %}">{% trans "Proceed to authentication server" %}</a>
</div>
<div class="authentication-method" id="authenticate-directlogin">
<form action="{% url 'directlogin' %}" method="post">
{% csrf_token %}
<div class="form-group">
<label for="username">Username:</label>
{{ directlogin_form.username }}
</div>
<div class="form-group">
<label for="password">Password:</label>
{{ directlogin_form.password }}
</div>
<button class="btn btn-primary">Login</button>
</form>
</div>
<div class="authentication-method" id="authenticate-gatewaylogin">
<form action="{% url 'gatewaylogin' %}" method="post">
{% csrf_token %}
<div class="form-group">
<label for="username">Username:</label>
{{ gatewaylogin_form.username }}
</div>
<div class="form-group">
<label for="secret">Secret:</label>
{{ gatewaylogin_form.secret }}
</div>
<button class="btn btn-primary">Login</button>
</form>

</div>
</div>
</div>
</div>
{% endif %}
<h1>{% trans "Welcome to API Manager" %}</h1>
<div class="well" id="intro">
{% if not user.is_authenticated %}
<p>
{% trans "API Manager allows you to manage some aspects of the OBP
instance at " %} <a href="{{ API_HOST }}">{{ API_HOST }}</a>. {%
trans "You have to " %}
<a href="{{ API_HOST }}" title="Login at {{ API_HOST }}">
{% trans "login" %}
</a>
{% trans "or" %}
<a
href="{{ API_HOST }}/user_mgt/sign_up"
title="Register at {{ API_HOST }}"
>
{% trans "register" %}
</a>
{% trans "an account before being able to proceed" %}.{% trans "Your
access is limited by the Entitlements you have." %}
</p>
{% else %}
<p>
{% trans "API Manager allows you to manage some aspects of the OBP
instance at " %} <a href="{{ API_HOST }}">{{ API_HOST }}</a>.
</p>
{% endif %}
</div>
{% if not user.is_authenticated %}
<div id="login">
<label for="authentication-select"
><h2>{% trans "Authenticate" %}</h2></label
>
<div class="row">
<div class="col-xs-12 col-sm-3">
<select class="form-control" id="authentication-select">
<option value="">{% trans "Choose ..." %}</option>
<option value="oauth">OAuth 1/OpenID Connect</option>
{% if ALLOW_DIRECT_LOGIN %}
<option value="directlogin">DirectLogin</option>
{% endif %} {% if ALLOW_GATEWAY_LOGIN %}
<option value="gatewaylogin">GatewayLogin</option>
{% endif %}
</select>
</div>

<div class="col-xs-12 col-sm-9">
<div class="authentication-method" id="authenticate-oauth">
<a
class="btn btn-primary"
href="{% url 'oauth-initiate' %}{% if request.GET.next %}?next={{ request.GET.next }}{% endif %}"
>{% trans "Proceed to authentication server" %}</a
>
</div>
<div
class="authentication-method"
id="authenticate-directlogin"
>
<form action="{% url 'directlogin' %}" method="post">
{% csrf_token %}
<div class="form-group">
<label for="username">Username:</label>
{{ directlogin_form.username }}
</div>
<div class="form-group">
<label for="password">Password:</label>
{{ directlogin_form.password }}
</div>
<button class="btn btn-primary">Login</button>
</form>
</div>
<div
class="authentication-method"
id="authenticate-gatewaylogin"
>
<form action="{% url 'gatewaylogin' %}" method="post">
{% csrf_token %}
<div class="form-group">
<label for="username">Username:</label>
{{ gatewaylogin_form.username }}
</div>
<div class="form-group">
<label for="secret">Secret:</label>
{{ gatewaylogin_form.secret }}
</div>
<button class="btn btn-primary">Login</button>
</form>
</div>
</div>
</div>
</div>
{% endif %}
</div>
{% endblock %}
49 changes: 44 additions & 5 deletions apimanager/consumers/forms.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,45 @@ class ApiConsumersForm(forms.Form):
required=True,
)

from_date = forms.DateTimeField(
label='From Date',
widget=forms.DateTimeInput(
attrs={
'class': 'form-control',
'type': 'datetime-local',
'value': '2024-01-01T00:00',
}
),
required=False,
initial='2024-01-01T00:00:00',
)

to_date = forms.DateTimeField(
label='To Date',
widget=forms.DateTimeInput(
attrs={
'class': 'form-control',
'type': 'datetime-local',
'value': '2026-01-01T00:00',
}
),
required=False,
initial='2026-01-01T00:00:00',
)

per_second_call_limit = forms.IntegerField(
label='Per Second Call Limit',
widget=forms.NumberInput(
attrs={
'class': 'form-control',
}
),
initial=-1,
required=False,
)

per_minute_call_limit = forms.IntegerField(
label='per_minute_call_limit',
label='Per Minute Call Limit',
widget=forms.NumberInput(
attrs={
'class': 'form-control',
Expand All @@ -24,7 +61,7 @@ class ApiConsumersForm(forms.Form):
)

per_hour_call_limit = forms.IntegerField(
label='per_hour_call_limit',
label='Per Hour Call Limit',
widget=forms.NumberInput(
attrs={
'class': 'form-control',
Expand All @@ -33,8 +70,9 @@ class ApiConsumersForm(forms.Form):
initial=-1,
required=False,
)

per_day_call_limit = forms.IntegerField(
label='per_day_call_limit',
label='Per Day Call Limit',
widget=forms.NumberInput(
attrs={
'class': 'form-control',
Expand All @@ -43,8 +81,9 @@ class ApiConsumersForm(forms.Form):
initial=-1,
required=False,
)

per_week_call_limit = forms.IntegerField(
label='per_week_call_limit',
label='Per Week Call Limit',
widget=forms.NumberInput(
attrs={
'class': 'form-control',
Expand All @@ -55,7 +94,7 @@ class ApiConsumersForm(forms.Form):
)

per_month_call_limit = forms.IntegerField(
label='per_month_call_limit',
label='Per Month Call Limit',
widget=forms.NumberInput(
attrs={
'class': 'form-control',
Expand Down
Loading