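# frozen_string_literal: true

# require "rack-attack"

module Rack
  class Attack
    # Request class seen by Rack::Attack rules, extended with a client-IP
    # accessor that understands Cloudflare and Rails' remote-IP middleware.
    class Request < ::Rack::Request
      # Returns the client IP as a String, memoized on the request object.
      #
      # Lookup order: the CF-Connecting-IP header set by Cloudflare, then the
      # value stored under "action_dispatch.remote_ip", then Rack's own +ip+.
      #
      # SECURITY: CF-Connecting-IP is an ordinary request header. It reflects
      # the real client only when the origin is reachable exclusively through
      # Cloudflare. If the origin also accepts direct connections, the value is
      # client-controlled and every rule keyed on remote_ip can be sidestepped.
      # Restrict origin ingress to Cloudflare's published ranges, or strip the
      # header at the edge for any other traffic.
      #
      # @return [String]
      def remote_ip
        @_remote_ip ||= begin
          cloudflare_ip = env["HTTP_CF_CONNECTING_IP"].to_s.strip
          # A present-but-blank header must not win: it would put every such
          # request into one shared "" throttle bucket.
          cloudflare_ip.empty? ? (env["action_dispatch.remote_ip"] || ip).to_s : cloudflare_ip
        end
      end
    end
  end
end

module NeetoCommonsBackend
  module Initializers
    class << self
      # Registers Rack::Attack rules from environment configuration.
      #
      # RACK_ATTACK_BLOCKED_IPS - comma-separated addresses handed to
      #   Rack::Attack.blocklist_ip. Applied whether or not throttling is on.
      # ENABLE_RACK_ATTACK      - when exactly "true", adds three per-client
      #   throttles keyed on Request#remote_ip.
      def rack_attack
        # Trim whitespace and drop blank entries so that "a, b" or "a,,b" does
        # not register an unparsable address as a blocklist rule.
        blocked_ips = ENV["RACK_ATTACK_BLOCKED_IPS"].to_s.split(",").map(&:strip).reject(&:empty?)

        # NOTE(review): blocklist_ip presumably compares against Rack's
        # request.ip rather than remote_ip. Behind Cloudflare that would be the
        # proxy address, not the client. Confirm against the rack-attack
        # version in use.
        blocked_ips.each { |blocked_ip| Rack::Attack.blocklist_ip(blocked_ip) }

        if ENV["ENABLE_RACK_ATTACK"] == "true"
          # Three overlapping windows per client IP:
          #   level 3 -> 240 requests per   460 s
          #   level 4 -> 480 requests per  3686 s
          #   level 5 -> 960 requests per 29491 s
          # (Integer#seconds is expected to come from ActiveSupport.)
          (3..5).each do |level|
            Rack::Attack.throttle(
              "req/ip/#{level}",
              limit: 30 * (2**level),
              period: (0.9 * (8**level)).to_i.seconds,
              &:remote_ip
            )
          end
        end
      end
    end
  end
end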