酒店
(资料图片)
限流,限制用户访问频率,例如:用户1分钟最多访问100次 或者 短信验证码一天每天可以发送50次, 防止盗刷。
对于匿名用户,使用用户IP作为唯一标识。对于登录用户,使用用户ID或名称作为唯一标识。缓存={用户标识:[12:33,12:32,12:31,12:30,12,] 1小时/5次 12:34 11:34{# settings.pyCACHES = { "default": { "BACKEND": "django_redis.cache.RedisCache", "LOCATION": "redis://127.0.0.1:6379", "OPTIONS": { "CLIENT_CLASS": "django_redis.client.DefaultClient", "PASSWORD": "qwe123", } }}# -*- encoding:utf-8 -*-# @time: 2023/4/21 15:41# @author: ifengfrom django.core.cache import cache as default_cachefrom rest_framework import exceptionsfrom rest_framework import statusfrom rest_framework.throttling import SimpleRateThrottleclass ThrottledException(exceptions.APIException): status_code = status.HTTP_429_TOO_MANY_REQUESTS default_code = "throttled"class MyRateThrottle(SimpleRateThrottle): cache = default_cache # 访问记录存放在django的缓存中(需设置缓存) scope = "user" # 构造缓存中的key cache_format = "throttle_%(scope)s_%(ident)s" # 设置其他访问评率, 例如: 一分钟允许访问10次 # 其他: "s": "sec", "m": "min", "h": "hour", "d": "day" THROTTLE_RATES = {"user": "10/m"} def get_cache_key(self, request, view): if request.user: ident = request.user.id else: ident = self.get_ident(request) # 获取请求用户IP(request中找请求头) # throttle_u # throttle_user_11.11.11.11ser_2 return self.cache_format % {"scope": self.scope, "ident": ident} def throttle_failure(self): wait = self.wait() detail = { "code": 1005, "data": "访问频率限制", "detail": "需要等待 %s s才能访问" % (int(wait)) } raise ThrottledException(detail)class UserView(APIView): throttle_classes = [MyRateThrottle, ] # 限流REST_FRAMEWORK = { # 限流 "DEFAULT_THROTTLE_CLASSES": ["app01.throttle.MyRateThrottle", ], "DEFAULT_THROTTLE_RATES": { "user": "10/m", # "xx":"100/h" }}本质,每个限流的类中都有一个 allow_request方法,此方法内部可以有三种情况:
关键词:
攻略
装备
商城
