From 27654afadb5088dda4eafd83f07410c2a48fa4b0 Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Thu, 1 Feb 2018 11:55:44 +0100
Subject: Add rate limit support to API

This allows us to prevent users from hammering the API every few seconds
to check if any of their packages were updated. Real world users check
as often as every 5 or 10 seconds.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
---
 schema/aur-schema.sql | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'schema/aur-schema.sql')

diff --git a/schema/aur-schema.sql b/schema/aur-schema.sql
index 45272bbe..79de3f27 100644
--- a/schema/aur-schema.sql
+++ b/schema/aur-schema.sql
@@ -399,3 +399,13 @@ CREATE TABLE AcceptedTerms (
 	FOREIGN KEY (UsersID) REFERENCES Users(ID) ON DELETE CASCADE,
 	FOREIGN KEY (TermsID) REFERENCES Terms(ID) ON DELETE CASCADE
 ) ENGINE = InnoDB;
+
+-- Rate limits for API
+--
+CREATE TABLE `ApiRateLimit` (
+  IP VARCHAR(45) NOT NULL,
+  Requests INT(11) NOT NULL,
+  WindowStart BIGINT(20) NOT NULL,
+  PRIMARY KEY (`ip`)
+) ENGINE = InnoDB;
+CREATE INDEX ApiRateLimitWindowStart ON ApiRateLimit (WindowStart);
-- 
cgit v1.2.3-24-g4f1b