Thursday, 13 February 2020

Rate Limiting a Listener in Socket.io by UID (Nodejs, MySQL)

This is more a conceptual question, rather than needing any help with code.I want to stop a listener on the backend (e.g. socket.on("newgame", function (data) {) from processing more than one request per second from any UID (userID). I decode the UID from the token, so I don't have to worry about socket.id or ip addresses. It is also allowed for a player to be using multiple clients, but I want to stop simultaneous requests from reading the same balance data.Strategies that I have tried and don't work:1) I thought I could use innoDB engine to collate all the promise queries into a transaction. => This doesn't work because the transactions only block other sessions, and since I'm running a node backend, it is only using one db session.2) Setting a boolean flag in the user table to 'lock'. Before proceeding, the request looks up to see if the UID has a lock on it. => This doesn't work because while it will successful block requests when it is locked, once the flag is returned not locked, simultaneous requests will potentially read the same data.3) Keeping an array of UIDs and checking them. => This does work but is highly inefficient, and leave other errors to result in the array having multiple lock entries of the same UID.I have seen https://github.com/animir/node-rate-limiter-flexible/wiki/Overall-example#websocket-single-connection-prevent-flooding, but I don't really see how I can apply it to a single listener.Is there any good strategy for dealing with this? I know I can stop things easily on the frontend, but I can't trust it. The balances written mustn't be off.

Submitted February 13, 2020 at 10:22PM by 4t89udkdkfjkdsfm

No comments:

Post a Comment