Django 限制访问频率的思路详解
最近做了一个系统由于部分接口需要进行耗时操作,因而不希望用户进行频繁访问,需要进行访问频率限制。如果要自己实现一个访问限制功能相对来说也不会太复杂,并且网上有各种代码可以参考。如果自己不想实现这个代码可以使用 DjangoRatelimit。
DjangoRatelimitisaratelimitingdecoratorforDjangoviews. https://travis-ci.org/jsocol/django-ratelimit.png?branch=masterCode:https://github.com/jsocol/django-ratelimitLicense:ApacheSoftwareLicenseIssues:https://github.com/jsocol/django-ratelimit/issuesDocumentation:http://django-ratelimit.readthedocs.org/
使用方法也相对来说比较简单:
@ratelimit(key='ip',rate='5/m') defmyview(request): #WillbetrueifthesameIPmakesmorethan5POST #requests/minute. was_limited=getattr(request,'limited',False) returnHttpResponse() @ratelimit(key='ip',rate='5/m',block=True) defmyview(request): #IfthesameIPmakes>5reqs/min,willraiseRatelimited returnHttpResponse() @ratelimit(key='post:username',rate='5/m',method=['GET','POST']) deflogin(request): #Ifthesameusernameisused>5times/min,thiswillbeTrue. #The`username`valuewillcomefromGETorPOST,determinedbythe #requestmethod. was_limited=getattr(request,'limited',False) returnHttpResponse() @ratelimit(key='post:username',rate='5/m') @ratelimit(key='post:tenant',rate='5/m') deflogin(request): #Usemultiplekeysbystackingdecorators. returnHttpResponse() @ratelimit(key='get:q',rate='5/m') @ratelimit(key='post:q',rate='5/m') defsearch(request): #Thesetwodecoratorscombinetoformoneratelimit:thesamesearch #querycanonlybetried5timesaminute,regardlessoftherequest #method(GETorPOST) returnHttpResponse() @ratelimit(key='ip',rate='4/h') defslow(request): #Allow4reqs/hour. returnHttpResponse() rate=lambdar:Noneifrequest.user.is_authenticatedelse'100/h' @ratelimit(key='ip',rate=rate) defskipif1(request): #Onlyratelimitanonymousrequests returnHttpResponse() @ratelimit(key='user_or_ip',rate='10/s') @ratelimit(key='user_or_ip',rate='100/m') defburst_limit(request): #Implementaseparateburstlimit. returnHttpResponse() @ratelimit(group='expensive',key='user_or_ip',rate='10/h') defexpensive_view_a(request): returnsomething_expensive() @ratelimit(group='expensive',key='user_or_ip',rate='10/h') defexpensive_view_b(request): #Sharesacounterwithexpensive_view_a returnsomething_else_expensive() @ratelimit(key='header:x-cluster-client-ip') defpost(request): #UsestheX-Cluster-Client-IPheadervalue. returnHttpResponse() @ratelimit(key=lambdar:r.META.get('HTTP_X_CLUSTER_CLIENT_IP', r.META['REMOTE_ADDR']) defmyview(request): #Use`X-Cluster-Client-IP`butfallbacktoREMOTE_ADDR. returnHttpResponse()
不过需要注意如果和djangorestframwork一起使用的话,要将Ratelimit装饰器放到第一行,如下:
@ratelimit(key='user',rate='1/3s',block=True,method=ratelimit.ALL) @api_view(['POST','GET']) @csrf_exempt defapi_get_level(request):
否则会导致如下的错误信息:
IndexErrorat/rest-api/level/ tupleindexoutofrange RequestMethod:GET RequestURL:http://192.168.1.195:8006/rest-api/level/ DjangoVersion:2.2.7 ExceptionType:IndexError ExceptionValue: tupleindexoutofrange ExceptionLocation:F:\PyCharmProjects\server\venv\lib\site-packages\ratelimit\decorators.pyin_wrapped,line23 PythonExecutable:F:\PyCharmProjects\server\venv\Scripts\python.exe PythonVersion:3.7.5 PythonPath: ['F:\\PyCharmProjects\\server\\TaichiGameServer', 'I:\\Python37-64\\python37.zip', 'I:\\Python37-64\\DLLs', 'I:\\Python37-64\\lib', 'I:\\Python37-64', 'F:\\PyCharmProjects\\server\\venv', 'F:\\PyCharmProjects\\server\\venv\\lib\\site-packages', 'F:\\PyCharmProjects\\server\\venv\\lib\\site-packages\\setuptools-39.1.0-py3.7.egg'] Servertime:Tue,24Dec201909:49:01+0800 Traceback(mostrecentcalllast): File"F:\PyCharmProjects\server\venv\lib\site-packages\django\core\handlers\exception.py",line34,ininner response=get_response(request) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\core\handlers\base.py",line115,in_get_response response=self.process_exception_by_middleware(e,request) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\core\handlers\base.py",line113,in_get_response response=wrapped_callback(request,*callback_args,**callback_kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\views\decorators\csrf.py",line54,inwrapped_view returnview_func(*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\views\generic\base.py",line71,inview returnself.dispatch(request,*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\views.py",line505,indispatch response=self.handle_exception(exc) File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\views.py",line465,inhandle_exception self.raise_uncaught_exception(exc) File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\views.py",line476,inraise_uncaught_exception raiseexc File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\views.py",line502,indispatch response=handler(request,*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\decorators.py",line50,inhandler returnfunc(*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\views\decorators\csrf.py",line54,inwrapped_view returnview_func(*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\ratelimit\decorators.py",line23,in_wrapped request=args[1] IndexError:tupleindexoutofrange
总结
以上所述是小编给大家介绍的Django限制访问频率的思路详解,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对毛票票网站的支持!
如果你觉得本文对你有帮助,欢迎转载,烦请注明出处,谢谢!
声明:本文内容来源于网络,版权归原作者所有,内容由互联网用户自发贡献自行上传,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任。如果您发现有涉嫌版权的内容,欢迎发送邮件至:czq8825#qq.com(发邮件时,请将#更换为@)进行举报,并提供相关证据,一经查实,本站将立刻删除涉嫌侵权内容。