Rate Limiter

Whenever you expose a web service / api endpoint, you need to implement a rate limiter to prevent abuse of the service (DOS attacks).

Implement a RateLimiter Class with an isAllow method. Every request comes in with a unique clientID, deny a request if that client has made more than 100 requests in the past second.

 1 public class RateLimiter {
 2     private final Map<String, LinkedList<Long>> clientHitMap = new HashMap<>();
 3     private final int REQUEST_LIMIT = 3;
 4     private final long TIME_LIMIT = 1000L;
 5 
 6     public boolean isAllow(String client_id) {
 7         LinkedList<Long> list = clientHitMap.get(client_id);
 8         long curTime = System.currentTimeMillis();
 9         if (list == null) {
10             clientHitMap.put(client_id, new LinkedList<Long>());
11         }
12         while (!list.isEmpty() && curTime - list.peek() >= TIME_LIMIT) {
13             list.poll();
14         }
15         if (list.size() < REQUEST_LIMIT) {
16             list.offer(curTime);
17             return true;
18         }
19         return false;
20     }
21 }

 

posted @ 2019-07-08 00:33  北叶青藤  阅读(198)  评论(0编辑  收藏  举报