[nginx] allowing auth_request to proxy TOO_MANY_REQUESTS
Maxim Dounin
mdounin at mdounin.ru
Sat Oct 8 10:44:49 UTC 2022
Hello!
On Fri, Oct 07, 2022 at 12:52:58PM +0200, Anders Nicolaisen via nginx-devel wrote:
> Having the authentication server handling the 429_TOO_MANY_REQUESTS,
> allows it to accommodate users with varying limits;
> e.g. user1 is allowed 3 requests per second, and user2 is allowed 10 r/s.
The auth_request module is to implement authentication, not
request limiting. If you need to implement request limiting,
readily available solutions would be:
- Use X-Accel-Redirect instead, which is mostly equivalent to
auth_request, yet makes it possible to return anything to the
client.
- Configure an error_page 403 with appropriate handling to return
429 (or whatever) based on additional headers from the auth
server.
Hope this helps.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx-devel
mailing list