This repository was archived by the owner on Oct 3, 2023. It is now read-only.
This repository was archived by the owner on Oct 3, 2023. It is now read-only.
WebAPI #35
Open
Description
Add a flexible and fast Web API that supports both single http request and persistent Web sockets connections for real time communication.
_WebSockets support for API Server_
- This is needed for push-based real time applications
_Post and preprocessing for request handlers_
- Preprocessors would process the request data (like for example validation)
- ~~~Postprocessors would process the generated response (for example another module that adds fields to an existing handler instead of creating a new one)~~~ (probably not as useful as it seemed)
_Early IP validation_
- The ip Whitelist and blacklist checks should occur as early in the request pipeline as possible to optimize performance and minimize ddos vulnerabilities
_Web sockets connection limit_
- Limit per IP (global configuration)
- Global limit (all connections)
_Authentication_
- request authentication using the user storage
_Rate limiting_
- The web API should limit the request rate per user to mitigate flooding and similar attacks
_Route matcher_
- Implement a route matcher that uses a tree structure to match the specific parts of routes