NETCORE - 限流
NETCORE - 限流
AspNetCoreRateLimit是ASP.NET核心速率限制框架,能够对WebApi,Mvc中控制限流,AspNetCoreRateLimit包包含IpRateLimit中间件和ClientRateLimit中间件,每个中间件都可以为不同的场景设置多个限,该框架的作者是stefanprodan,项目nuget地址是https://github.com/stefanprodan/AspNetCoreRateLimit。
IpRateLimitMiddleware(Github: AspNetCoreRateLimit) 是ASPNETCore的一个限流的中间件,用于控制客户端调用API的频次, 如果客户端频繁访问服务器,可以限制它的频率,已降低访问服务器端的压力。或者如果有爬虫在爬取关键数据,也可以限制某个/某些API或者某些IP的每天调取次数, 这样限制他爬取的速度。
环境:.NET6 WebApi 项目
1. 创建项目:NETCORE.RateLimit
2. 安装依赖:
Install-Package AspNetCoreRateLimit Install-Package AspNetCoreRateLimit.Redis
3. 注入, Program.cs 类中
using AspNetCoreRateLimit; var builder = WebApplication.CreateBuilder(args); var Configuration = builder.Configuration; // needed to load configuration from appsettings.json builder.Services.AddOptions(); // needed to store rate limit counters and ip rules builder.Services.AddMemoryCache(); //load general configuration from appsettings.json builder.Services.Configure<IpRateLimitOptions>(Configuration.GetSection("IpRateLimiting")); //load ip rules from appsettings.json builder.Services.Configure<IpRateLimitPolicies>(Configuration.GetSection("IpRateLimitPolicies")); // inject counter and rules stores builder.Services.AddInMemoryRateLimiting(); //services.AddDistributedRateLimiting<AsyncKeyLockProcessingStrategy>(); //services.AddDistributedRateLimiting<RedisProcessingStrategy>(); //services.AddRedisRateLimiting(); // configuration (resolvers, counter key builders) builder.Services.AddSingleton<IRateLimitConfiguration, RateLimitConfiguration>(); // Add services to the container. builder.Services.AddControllers(); // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle builder.Services.AddEndpointsApiExplorer(); builder.Services.AddSwaggerGen(); var app = builder.Build(); //在注册任何其他组件之前注册中间件 app.UseIpRateLimiting(); app.UseSwagger(); app.UseSwaggerUI(); app.UseHttpsRedirection(); app.UseAuthorization(); app.MapControllers(); app.Run();
注:应该在注册任何其他组件之前注册中间件。
4. 修改 appsetting.json 文件
增加 IpRateLimiting 、IpRateLimitPolicies 这两个节点
文档中配置成5s中允许访问10次,超出则报429错误
{ "Logging": { "LogLevel": { "Default": "Information", "Microsoft.AspNetCore": "Warning" } }, "AllowedHosts": "*", "IpRateLimiting": { "EnableEndpointRateLimiting": false, "StackBlockedRequests": false, "RealIpHeader": "X-Real-IP", "ClientIdHeader": "X-ClientId", "HttpStatusCode": 429, //"IpWhitelist": [ "127.0.0.1", "::1/10", "192.168.0.0/24" ], //"EndpointWhitelist": [ "get:/api/license", "*:/api/status" ], //"ClientWhitelist": [ "dev-id-1", "dev-id-2" ], "GeneralRules": [ { "Endpoint": "*", "Period": "5s", "Limit": 10 }, //{ // "Endpoint": "*", // "Period": "15m", // "Limit": 100 //}, //{ // "Endpoint": "*", // "Period": "12h", // "Limit": 1000 //}, //{ // "Endpoint": "*", // "Period": "7d", // "Limit": 10000 //} ] }, "IpRateLimitPolicies": { "IpRules": [ //{ // "Ip": "84.247.85.224", // "Rules": [ // { // "Endpoint": "*", // "Period": "1s", // "Limit": 10 // }, // { // "Endpoint": "*", // "Period": "15m", // "Limit": 200 // } // ] //}, //{ // "Ip": "192.168.3.22/25", // "Rules": [ // { // "Endpoint": "*", // "Period": "1s", // "Limit": 5 // }, // { // "Endpoint": "*", // "Period": "15m", // "Limit": 150 // }, // { // "Endpoint": "*", // "Period": "12h", // "Limit": 500 // } // ] //} ] } }
测试
参考:https://www.cnblogs.com/wl-blog/p/17202440.html
