.Net6简单使用AspNetCoreRateLimit来限流
.Net6简单使用AspNetCoreRateLimit来限流
1:nuget包install
<PackageReference Include="AspNetCoreRateLimit" Version="5.0.0" />
2:主要code
using AspNetCoreRateLimit; using Autofac; using Autofac.Core; using Autofac.Extensions.DependencyInjection; using Jason.TestDemo.WebApi; using Microsoft.AspNetCore.WebSockets; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Options; using Microsoft.OpenApi.Models; using Swashbuckle.AspNetCore.Filters; var builder = WebApplication.CreateBuilder(args); // Add services to the container. builder.Services.AddControllers().AddNewtonsoftJson(setupAction => { //AddNewtonsoftJson 导入Microsoft.aspnetcore.Mvc.NewtonsoftJson来加入的 setupAction.UseCamelCasing(true); setupAction.SerializerSettings.DateFormatString = "yyyy-MM-dd HH:mm:ss"; }); // 存储IP计数器及配置规则 builder.Services.AddMemoryCache(); //load general configuration from appsettings.json builder.Services.Configure<IpRateLimitOptions>(builder.Configuration.GetSection("IpRateLimiting")); //load ip rules from appsettings.json builder.Services.Configure<IpRateLimitPolicies>(builder.Configuration.GetSection("IpRateLimitPolicies")); builder.Services.AddInMemoryRateLimiting(); //这两个不要忘记注入 builder.Services.AddScoped<IHttpContextAccessor, HttpContextAccessor>(); builder.Services.AddSingleton<IRateLimitConfiguration, RateLimitConfiguration>(); //builder.Services.AddDistributedRateLimiting().AddDistributedSqlServerCache(options => //{ // //TrustServerCertificate=true 加入这个是由于下面, // //SqlException: A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - 证书链是由不受信任的颁发机构颁发的。) // options.ConnectionString = "Server=XB-202209190018; Database=testdb; user=zrf; password=zrf123456@;TrustServerCertificate=true "; // options.SchemaName = "dbo"; // options.DefaultSlidingExpiration = TimeSpan.FromSeconds(30); // options.ExpiredItemsDeletionInterval = TimeSpan.FromMinutes(30); // // options.TableName = "iplimittab"; //}); builder.Services.AddWebSockets(config => { config.KeepAliveInterval = TimeSpan.FromMinutes(5); }); // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle builder.Services.AddEndpointsApiExplorer(); builder.Services.AddSwaggerGen(op => { op.SwaggerDoc("v1", new OpenApiInfo { Title = "Jason Soft", Version = "v1", Description = "Json综合管理平台WebApi V1" }); string basePath = AppDomain.CurrentDomain.BaseDirectory; string[] files = Directory.GetFiles(Path.Combine(basePath, "SwaggerXml"), "*.xml"); foreach (string file in files) op.IncludeXmlComments(file); //../Jason.TestDemo.WebApi/SwaggerXml/JasonModels.xml op.OperationFilter<SecurityRequirementsOperationFilter>(); //region Token绑定到ConfigureServices,swagger右上角显示Token输入框 op.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme { Description = "JWT授权(数据将在请求头中进行传输) 直接在下框中输入Bearer {token}(注意两者之间是一个空格)\"", Name = "Authorization",//jwt默认的参数名称 In = ParameterLocation.Header,//jwt默认存放Authorization信息的位置(请求头中) Type = SecuritySchemeType.ApiKey }); }); builder.Host.UseServiceProviderFactory(new AutofacServiceProviderFactory()).ConfigureContainer<ContainerBuilder>(builder => { builder.RegisterModule<AutoFacContainerInit>(); }); var app = builder.Build(); //使用Ip限流中间件 app.UseIpRateLimiting(); if (app.Environment.IsDevelopment()) { app.UseSwagger(); app.UseSwaggerUI(); } app.UseWebSockets(); //app.UseHttpsRedirection(); app.UseAuthentication(); app.UseAuthorization(); app.MapControllers(); app.Run();
3:appsetting中配置
"IpRateLimiting": { //false则全局将应用限制,并且仅应用具有作为端点的规则* 。 true则限制将应用于每个端点,如{HTTP_Verb}{PATH} "EnableEndpointRateLimiting": false, //false则拒绝的API调用不会添加到调用次数计数器上 "StackBlockedRequests": false, //注意这个配置,表示获取用户端的真实IP,我们的线上经过负载后是 X-Forwarded-For,而测试服务器没有,所以是X-Real-IP "RealIpHeader": "X-Real-IP", "ClientIdHeader": "X-ClientId", "HttpStatusCode": 200, "QuotaExceededResponse": { "Content": "{{\"code\":429,\"msg\":\"访问过于频繁,请稍后重试\",\"data\":null}}", "ContentType": "application/json", "StatusCode": 200 }, "IpWhitelist": [], "EndpointWhitelist": [], "ClientWhitelist": [], "GeneralRules": [ { "Endpoint": "*",//* "Period": "5s", "Limit": 3 } ] }, "IpRateLimitPolicies": { //特点Ip限制规则设置 //ip规则 "IpRules": [ { //IP "Ip": "84.247.85.224", //规则内容 "Rules": [ //1s请求10次 { "Endpoint": "*", "Period": "1s", "Limit": 10 }, //15分钟请求200次 { "Endpoint": "*", "Period": "15m", "Limit": 200 } ] }, { //ip支持设置多个 "Ip": "192.168.3.22/25", "Rules": [ //1秒请求5次 { "Endpoint": "*", "Period": "1s", "Limit": 5 }, //15分钟请求150次 { "Endpoint": "*", "Period": "15m", "Limit": 150 }, //12小时请求500次 { "Endpoint": "*", "Period": "12h", "Limit": 500 } ] } ] }
4:测试截图
如有疑问或者错误的地方,请跟帖,本人会第一时间答复以及相互学习,谢谢!个人会不断的上传自己的学习心得!
好了今天就先到这里,下次有时间再更新,如果存在不合理的地方,欢迎大家多多指教留言!!!
分类:
其它/测试等
, AbpVnext/微服务/CAP
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 阿里最新开源QwQ-32B,效果媲美deepseek-r1满血版,部署成本又又又降低了!
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 开源Multi-agent AI智能体框架aevatar.ai,欢迎大家贡献代码
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· AI技术革命,工作效率10个最佳AI工具