REST-framework之頻率組件

REST-framework之頻率控制

一 頻率簡介

爲了控制用戶對某個url請求的頻率，好比，一分鐘之內，只能訪問三次

二 自定義頻率類，自定義頻率規則

自定義的邏輯

"""
1. 取出訪問者ip
2. 判斷當前ip不在訪問字典裏，添加進去，而且直接返回True,表示第一次訪問，在字典裏，繼續往下走
3. 循環判斷當前ip的列表，有值，而且當前時間減去列表的最後一個時間大於60s，把這種數據pop掉，這樣列表中只有60s之內的訪問時間，
4. 判斷，當列表小於3，說明一分鐘之內訪問不足三次，把當前時間插入到列表第一個位置，返回True，順利經過
5. 當大於等於3，說明一分鐘內訪問超過三次，返回False驗證失敗
"""

代碼實現：

class MyThrottles():
    VISIT_RECORD = {}
    def __init__(self):
        self.history=None

    def allow_request(self,request, view):
        # 1. 取出訪問者ip
        # print(request.META)
        ip=request.META.get('REMOTE_ADDR')
        import time
        ctime=time.time()
        # 2. 判斷當前ip不在訪問字典裏，添加進去，
        # 而且直接返回True,表示第一次訪問
        if ip not in self.VISIT_RECORD:
            self.VISIT_RECORD[ip]=[ctime,]
            return True
        self.history=self.VISIT_RECORD.get(ip)
        # 3. 循環判斷當前ip的列表，有值，而且當前時間減去列表的最後一個
        # 時間大於60s，把這種數據pop掉，這樣列表中只有60s之內的訪問時間，
        while self.history and ctime-self.history[-1]>60:
            self.history.pop()
        # 4. 判斷，當列表小於3，說明一分鐘之內訪問不足三次，
        # 把當前時間插入到列表第一個位置，返回True，順利經過
        # 5. 當大於等於3，說明一分鐘內訪問超過三次，返回False驗證失敗
        if len(self.history) < 3 :
            self.history.insert(0,ctime)
            return True
        else:
            return False

    def wait(self):
        import time
        ctime=time.time()
        return 60-(ctime-self.history[-1])

三 內置頻率類及局部使用

寫一個類，繼承自SimpleRateThrottle，（根據ip限制）問：要根據用戶如今怎麼寫

from rest_framework.throttling import SimpleRateThrottle
class VisitThrottle(SimpleRateThrottle):
    scope = 'luffy'
    def get_cache_key(self, request, view):
        return self.get_ident(request)

在setting裏配置：（一分鐘訪問三次）

REST_FRAMEWORK = {
    'DEFAULT_THROTTLE_RATES':{
        'luffy':'3/m'
    }
}

在視圖類裏使用

throttle_classes = [MyThrottles,]

錯誤信息的中文提示：

class Course(APIView):
    authentication_classes = [TokenAuth, ]
    permission_classes = [UserPermission, ]
    throttle_classes = [MyThrottles,]

    def get(self, request):
        return HttpResponse('get')

    def post(self, request):
        return HttpResponse('post')

    def throttled(self, request, wait):
        from rest_framework.exceptions import Throttled
        class MyThrottled(Throttled):
            default_detail = '傻逼啊'
            extra_detail_singular = '還有 {wait} second.'
            extra_detail_plural = '出了 {wait} seconds.'
        raise MyThrottled(wait)

內置頻率限制類：

BaseThrottle是全部類的基類

方法：def get_ident(self, request)獲取標識，其實就是獲取ip，自定義的須要繼承它

1.AnonRateThrottle：未登陸用戶ip限制，須要配合auth模塊用

2.SimpleRateThrottle：重寫此方法，能夠實現頻率如今，不須要我們手寫上面自定義的邏輯

3.UserRateThrottle:登陸用戶頻率限制，這個得配合auth模塊來用

4.ScopedRateThrottle：應用在局部視圖上的（忽略）

四 內置頻率類及全局使用

REST_FRAMEWORK = {
    'DEFAULT_THROTTLE_CLASSES':['app01.utils.VisitThrottle',],
    'DEFAULT_THROTTLE_RATES':{
        'luffy':'3/m'
    }
}

五 源碼分析

def check_throttles(self, request):
    for throttle in self.get_throttles():
        if not throttle.allow_request(request, self):
            self.throttled(request, throttle.wait())

def throttled(self, request, wait):
    #拋異常，能夠自定義異常，實現錯誤信息的中文顯示
    raise exceptions.Throttled(wait)

class SimpleRateThrottle(BaseThrottle):
    # 咱本身寫的放在了全局變量，他的在django的緩存中
    cache = default_cache
    # 獲取當前時間，跟咱寫的同樣
    timer = time.time
    # 作了一個字符串格式化，
    cache_format = 'throttle_%(scope)s_%(ident)s'
    scope = None
    # 從配置文件中取DEFAULT_THROTTLE_RATES,因此咱配置文件中應該配置,不然報錯
    THROTTLE_RATES = api_settings.DEFAULT_THROTTLE_RATES

    def __init__(self):
        if not getattr(self, 'rate', None):
            # 從配置文件中找出scope配置的名字對應的值，好比咱寫的‘3/m’,他取出來
            self.rate = self.get_rate()
        # 解析'3/m',解析成 3      m
        self.num_requests, self.duration = self.parse_rate(self.rate)
    # 這個方法須要重寫
    def get_cache_key(self, request, view):
        """
        Should return a unique cache-key which can be used for throttling.
        Must be overridden.

        May return `None` if the request should not be throttled.
        """
        raise NotImplementedError('.get_cache_key() must be overridden')

    def get_rate(self):
        if not getattr(self, 'scope', None):
            msg = ("You must set either `.scope` or `.rate` for '%s' throttle" % (self.__class__.__name__)
            raise ImproperlyConfigured(msg)

        try:
            # 獲取在setting裏配置的字典中的之，self.scope是 咱寫的luffy
            return self.THROTTLE_RATES[self.scope]
        except KeyError:
            msg = "No default throttle rate set for '%s' scope" % self.scope
            raise ImproperlyConfigured(msg)
    # 解析 3/m這種傳參
    def parse_rate(self, rate):
        """
        Given the request rate string, return a two tuple of:
        <allowed number of requests>, <period of time in seconds>
        """
        if rate is None:
            return (None, None)
        num, period = rate.split('/')
        num_requests = int(num)
        # 只取了第一位，也就是 3/mimmmmmmm也是表明一分鐘
        duration = {'s': 1, 'm': 60, 'h': 3600, 'd': 86400}[period[0]]
        return (num_requests, duration)
    # 邏輯跟咱自定義的相同
    def allow_request(self, request, view):
        """
        Implement the check to see if the request should be throttled.

        On success calls `throttle_success`.
        On failure calls `throttle_failure`.
        """
        if self.rate is None:
            return True

        self.key = self.get_cache_key(request, view)
        if self.key is None:
            return True

        self.history = self.cache.get(self.key, [])
        self.now = self.timer()

        # Drop any requests from the history which have now passed the
        # throttle duration
        while self.history and self.history[-1] <= self.now - self.duration:
            self.history.pop()
        if len(self.history) >= self.num_requests:
            return self.throttle_failure()
        return self.throttle_success()
    # 成功返回true，而且插入到緩存中
    def throttle_success(self):
        """
        Inserts the current request's timestamp along with the key
        into the cache.
        """
        self.history.insert(0, self.now)
        self.cache.set(self.key, self.history, self.duration)
        return True
    # 失敗返回false
    def throttle_failure(self):
        """
        Called when a request to the API has failed due to throttling.
        """
        return False

    def wait(self):
        """
        Returns the recommended next request time in seconds.
        """
        if self.history:
            remaining_duration = self.duration - (self.now - self.history[-1])
        else:
            remaining_duration = self.duration

        available_requests = self.num_requests - len(self.history) + 1
        if available_requests <= 0:
            return None

        return remaining_duration / float(available_requests)