FongX777 commented on issue #10937:
URL: https://github.com/apache/apisix/issues/10937#issuecomment-2300657487

   Thanks @dgpratikpatil, but I found a problem in this method when I tried to 
mix up different strategies for different users with "show_limit_quota_header" 
enabled.
   
   Let's say I have a route `/web1` and three users (user1, user2, user3 with 
password `+user1`, `+user2`, `+user3`), and I want to configure:
   - The route is protected by limit-count 5 req per min
   - But user 1 can only request 2 times per min
   - user 2 can request 10 times per min
   
   This is my admin API request:
   
   ```
   # Create a service
   PUT http://127.0.0.1:9180/apisix/admin/services/1
   X-API-KEY: edd1c9f034335f136f87ad84b625c8f1
   Content-Type: application/json
   
   {
       "upstream": {
           "type": "roundrobin",
           "nodes": {
               "web1:80": 1
           }
       },
       "plugins": {
         "key-auth": {
           "header": "apikey"
         }
       }
   }
   
   # Create a route
   PUT http://127.0.0.1:9180/apisix/admin/routes/1
   X-API-KEY: edd1c9f034335f136f87ad84b625c8f1
   Content-Type: application/json
   
   
   {
       "uri":"/web1",
       "host": "localhost",
       "service_id": "1",
       "plugins":{
           "limit-count": {
             "count": 5,
             "key": "consumer_name",
             "time_window": 60,
             "rejected_msg": "Too many to handle!!"
           },
           "workflow":{
               "rules":[
                   {
                       "case":[
                           ["consumer_name", "==", "user1"]
                       ],
                       "actions":[
                         [
                           "limit-count",
                           {
                             "count": 2,
                             "key": "consumer_name",
                             "time_window": 60,
                             "rejected_code": 429
                           }
                         ]
                       ]
                   },
                   {
                       "case":[
                           ["consumer_name", "==", "user2"]
                       ],
                       "actions":[
                           [
                               "limit-count",
                               {
                                   "count":10,
                                   "key": "consumer_name",
                                   "time_window": 60,
                                   "rejected_code": 429
                               }
                           ]
                       ]
                   }
               ]
           }
       }
   }
   ``` 
   
   When I requested the API, the HTTP response header did not look right. The 
first API call should respond with `X-RateLimit-Limit: 2` and 
`X-RateLimit-Remaining: 1`. It seems like it only responds with the correct 
header when the limit is reached.
   
   ```
   # first call
   $  http localhost:9080/web1 "apikey: +user1"
   HTTP/1.1 200 OK
   Connection: keep-alive
   Content-Length: 10
   Content-Type: text/plain; charset=utf-8
   Date: Wed, 21 Aug 2024 03:39:50 GMT
   Server: APISIX/3.9.0
   X-RateLimit-Limit: 5  # <<--- should be 2
   X-RateLimit-Remaining: 4 # <<--- should be 1
   X-RateLimit-Reset: 60
   
   hello web1
   
   # second call
   $ http localhost:9080/web1 "apikey: +user1"
   HTTP/1.1 200 OK
   Connection: keep-alive
   Content-Length: 10
   Content-Type: text/plain; charset=utf-8
   Date: Wed, 21 Aug 2024 03:39:52 GMT
   Server: APISIX/3.9.0
   X-RateLimit-Limit: 5 # <<--- should be 1
   X-RateLimit-Remaining: 3 # <<--- should be 0
   X-RateLimit-Reset: 58
   
   hello web1
   
   
   # third call
   $ http localhost:9080/web1 "apikey: +user1"
   HTTP/1.1 429 Too Many Requests
   Connection: keep-alive
   Content-Length: 241
   Content-Type: text/html; charset=utf-8
   Date: Wed, 21 Aug 2024 03:39:53 GMT
   Server: APISIX/3.9.0
   X-RateLimit-Limit: 2 
   X-RateLimit-Remaining: 0
   X-RateLimit-Reset: 57
   
   <html>
   <head><title>429 Too Many Requests</title></head>
   <body>
   <center><h1>429 Too Many Requests</h1></center>
   <hr><center>openresty</center>
   <p><em>Powered by <a href="https://apisix.apache.org/">APISIX</a>.</em></p></body>
   </html>
   ```
   
   NOTE: I ran it on docker-compose, and the sample code is from the official 
[example](https://github.com/apache/apisix-docker/blob/master/example/docker-compose.yml)


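A check for the mismatch reported above, as an added example that is not part of the original comment or of APISIX: it parses captured responses and flags calls whose `X-RateLimit-*` headers disagree with the quota the matching workflow rule should apply. The function names are hypothetical, the transcript is trimmed from the output in the comment, and the expected values assume the headers should advertise the workflow rule's `count`, as the commenter expects.

```python
import re

# Quotas from the configuration in the comment: consumers without a workflow
# rule fall back to the route-level limit-count (assumption of this example).
ROUTE_LIMIT = 5
WORKFLOW_LIMITS = {"user1": 2, "user2": 10}

# Status lines and rate-limit headers trimmed from the three calls made as user1.
TRANSCRIPT = """\
HTTP/1.1 200 OK
X-RateLimit-Limit: 5
X-RateLimit-Remaining: 4

HTTP/1.1 200 OK
X-RateLimit-Limit: 5
X-RateLimit-Remaining: 3

HTTP/1.1 429 Too Many Requests
X-RateLimit-Limit: 2
X-RateLimit-Remaining: 0
"""

def parse_responses(text):
    """Split a transcript into (status, limit, remaining) tuples."""
    out = []
    for block in re.split(r"\n\s*\n", text.strip()):
        status = int(re.search(r"^HTTP/\S+ (\d{3})", block, re.M).group(1))
        hdr = {k.lower(): int(v) for k, v in re.findall(
            r"^(X-RateLimit-(?:Limit|Remaining)):\s*(\d+)", block, re.M | re.I)}
        out.append((status, hdr.get("x-ratelimit-limit"), hdr.get("x-ratelimit-remaining")))
    return out

def audit(consumer, responses):
    """Return (call number, problem) pairs where headers disagree with the quota."""
    expected = WORKFLOW_LIMITS.get(consumer, ROUTE_LIMIT)
    findings, prev_remaining = [], None
    for n, (status, limit, remaining) in enumerate(responses, 1):
        if limit != expected:
            findings.append((n, f"advertised limit {limit}, expected {expected}"))
        # A 429 right after a response that still advertised quota means the
        # headers and the enforced counter came from different limits.
        if status == 429 and prev_remaining:
            findings.append((n, f"rejected although previous response advertised {prev_remaining} remaining"))
        prev_remaining = remaining
    return findings

if __name__ == "__main__":
    for call, problem in audit("user1", parse_responses(TRANSCRIPT)):
        print(f"call {call}: {problem}")
```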