Rate Limiting on NMS - magma/magma GitHub Wiki
In the PR https://github.com/magma/magma/pull/15380, Magma gained rate limiting on NMS.
By default, after 100 requests within 15 minutes from a given IP, the endpoint returns a 429 (Too Many Requests) error code to the offending IP; other endpoints still work as expected.
Rate limited endpoints are as follows:
/user/login
/user/logout
/login/oidc/callback
/user/login/oidc/callback
The default rate limit is set in /magma/nms/config/config.ts in the RATE_LIMIT_CONFIG variable.
You can override the default values with these environment variables:
RATE_LIMIT_WINDOW=900000
RATE_LIMIT_COUNT=100
Implementation overview
The rate limiting is implemented as a simple middleware returning a 429 response early if the request count limit is reached for a given time window.
To understand the code in depth see https://github.com/magma/magma/pull/15380/files