Django 限制访问频率的思路详解
最近做了一个系统由于部分接口需要进行耗时操作,因而不希望用户进行频繁访问,需要进行访问频率限制。如果要自己实现一个访问限制功能相对来说也不会太复杂,并且网上有各种代码可以参考。如果自己不想实现这个代码可以使用 DjangoRatelimit。
DjangoRatelimitisaratelimitingdecoratorforDjangoviews. https://travis-ci.org/jsocol/django-ratelimit.png?branch=masterCode:https://github.com/jsocol/django-ratelimitLicense:ApacheSoftwareLicenseIssues:https://github.com/jsocol/django-ratelimit/issuesDocumentation:http://django-ratelimit.readthedocs.org/
使用方法也相对来说比较简单:
@ratelimit(key='ip',rate='5/m')
defmyview(request):
#WillbetrueifthesameIPmakesmorethan5POST
#requests/minute.
was_limited=getattr(request,'limited',False)
returnHttpResponse()
@ratelimit(key='ip',rate='5/m',block=True)
defmyview(request):
#IfthesameIPmakes>5reqs/min,willraiseRatelimited
returnHttpResponse()
@ratelimit(key='post:username',rate='5/m',method=['GET','POST'])
deflogin(request):
#Ifthesameusernameisused>5times/min,thiswillbeTrue.
#The`username`valuewillcomefromGETorPOST,determinedbythe
#requestmethod.
was_limited=getattr(request,'limited',False)
returnHttpResponse()
@ratelimit(key='post:username',rate='5/m')
@ratelimit(key='post:tenant',rate='5/m')
deflogin(request):
#Usemultiplekeysbystackingdecorators.
returnHttpResponse()
@ratelimit(key='get:q',rate='5/m')
@ratelimit(key='post:q',rate='5/m')
defsearch(request):
#Thesetwodecoratorscombinetoformoneratelimit:thesamesearch
#querycanonlybetried5timesaminute,regardlessoftherequest
#method(GETorPOST)
returnHttpResponse()
@ratelimit(key='ip',rate='4/h')
defslow(request):
#Allow4reqs/hour.
returnHttpResponse()
rate=lambdar:Noneifrequest.user.is_authenticatedelse'100/h'
@ratelimit(key='ip',rate=rate)
defskipif1(request):
#Onlyratelimitanonymousrequests
returnHttpResponse()
@ratelimit(key='user_or_ip',rate='10/s')
@ratelimit(key='user_or_ip',rate='100/m')
defburst_limit(request):
#Implementaseparateburstlimit.
returnHttpResponse()
@ratelimit(group='expensive',key='user_or_ip',rate='10/h')
defexpensive_view_a(request):
returnsomething_expensive()
@ratelimit(group='expensive',key='user_or_ip',rate='10/h')
defexpensive_view_b(request):
#Sharesacounterwithexpensive_view_a
returnsomething_else_expensive()
@ratelimit(key='header:x-cluster-client-ip')
defpost(request):
#UsestheX-Cluster-Client-IPheadervalue.
returnHttpResponse()
@ratelimit(key=lambdar:r.META.get('HTTP_X_CLUSTER_CLIENT_IP',
r.META['REMOTE_ADDR'])
defmyview(request):
#Use`X-Cluster-Client-IP`butfallbacktoREMOTE_ADDR.
returnHttpResponse()
不过需要注意如果和djangorestframwork一起使用的话,要将Ratelimit装饰器放到第一行,如下:
@ratelimit(key='user',rate='1/3s',block=True,method=ratelimit.ALL) @api_view(['POST','GET']) @csrf_exempt defapi_get_level(request):
否则会导致如下的错误信息:
IndexErrorat/rest-api/level/ tupleindexoutofrange RequestMethod:GET RequestURL:http://192.168.1.195:8006/rest-api/level/ DjangoVersion:2.2.7 ExceptionType:IndexError ExceptionValue: tupleindexoutofrange ExceptionLocation:F:\PyCharmProjects\server\venv\lib\site-packages\ratelimit\decorators.pyin_wrapped,line23 PythonExecutable:F:\PyCharmProjects\server\venv\Scripts\python.exe PythonVersion:3.7.5 PythonPath: ['F:\\PyCharmProjects\\server\\TaichiGameServer', 'I:\\Python37-64\\python37.zip', 'I:\\Python37-64\\DLLs', 'I:\\Python37-64\\lib', 'I:\\Python37-64', 'F:\\PyCharmProjects\\server\\venv', 'F:\\PyCharmProjects\\server\\venv\\lib\\site-packages', 'F:\\PyCharmProjects\\server\\venv\\lib\\site-packages\\setuptools-39.1.0-py3.7.egg'] Servertime:Tue,24Dec201909:49:01+0800 Traceback(mostrecentcalllast): File"F:\PyCharmProjects\server\venv\lib\site-packages\django\core\handlers\exception.py",line34,ininner response=get_response(request) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\core\handlers\base.py",line115,in_get_response response=self.process_exception_by_middleware(e,request) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\core\handlers\base.py",line113,in_get_response response=wrapped_callback(request,*callback_args,**callback_kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\views\decorators\csrf.py",line54,inwrapped_view returnview_func(*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\views\generic\base.py",line71,inview returnself.dispatch(request,*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\views.py",line505,indispatch response=self.handle_exception(exc) File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\views.py",line465,inhandle_exception self.raise_uncaught_exception(exc) File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\views.py",line476,inraise_uncaught_exception raiseexc File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\views.py",line502,indispatch response=handler(request,*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\rest_framework\decorators.py",line50,inhandler returnfunc(*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\django\views\decorators\csrf.py",line54,inwrapped_view returnview_func(*args,**kwargs) File"F:\PyCharmProjects\server\venv\lib\site-packages\ratelimit\decorators.py",line23,in_wrapped request=args[1] IndexError:tupleindexoutofrange
总结
以上所述是小编给大家介绍的Django限制访问频率的思路详解,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对毛票票网站的支持!
如果你觉得本文对你有帮助,欢迎转载,烦请注明出处,谢谢!
声明:本文内容来源于网络,版权归原作者所有,内容由互联网用户自发贡献自行上传,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任。如果您发现有涉嫌版权的内容,欢迎发送邮件至:czq8825#qq.com(发邮件时,请将#更换为@)进行举报,并提供相关证据,一经查实,本站将立刻删除涉嫌侵权内容。