drf之限流机制

drf总流程链接

https://www.cnblogs.com/daviddd/p/11918405.html

def之节流

'''

承接总流程5.4的限流机制

'''

个人处理

'''
频率限制分为两种,一种是匿名用户,一种是登录用户    匿名用户访问,会将用户的ip作为唯一标识,如果是登录用户,会将用户的用户名或者id作为标识,作为一个字典的键,
    将用户的访问时间作为值存放在一个列表中,字典存放在缓冲中,当用户再次访问时,会将用户的本次的访问时间和列表的最后一个时间元素做差值比较,如果大于自定义的频率时
    间,则删除列表的最后一个时间元素,依次递减,如果差值小于自定义的频率时间,则计算列表的长度,如果小于等于自定义的频率次数,                
    则返回True,可以继续访问,如果大于自定义的频率次数,则返回false,不可继续访问,并提示限制时间

匿名用户由于代理ip的存在,做不到绝对的节流
'''

源码处理机制

'''
限制:60s能访问3次
来访问时:
	1.获取当前时间 100121280
	2.100121280-60 = 100121220,小于100121220所有记录删除
	3.判断1分钟以内已经访问多少次了? #4 
	4.无法访问

来访问时:
	1.获取当前时间 100121340
	2.100121340-60 = 100121280,小于100121280所有记录删除
	3.判断1分钟以内已经访问多少次了? #0
	4.可以访问
'''

class APIView(View):

	# 限流配置文件
	throttle_classes = api_settings.DEFAULT_THROTTLE_CLASSES
	settings = api_settings
	schema = DefaultSchema()
	
	
	def initial(self, request, *args, **kwargs):
		"""
		Runs anything that needs to occur prior to calling the method handler.
		"""
		# 5.4,限流机制
		self.check_throttles(request)
		
		
	# 
	def check_throttles(self, request):
		"""
		Check if request should be throttled.
		Raises an appropriate exception if the request is throttled.
		"""
		throttle_durations = []
		# 5.41实力化限流对象列表,遍历
		for throttle in self.get_throttles():
		
			# 5.43,调用allow_request函数
			if not throttle.allow_request(request, self):
				throttle_durations.append(throttle.wait())

		if throttle_durations:
			# Filter out `None` values which may happen in case of config / rate
			# changes, see #1438
			durations = [
				duration for duration in throttle_durations
				if duration is not None
			]

			duration = max(durations, default=None)
			self.throttled(request, duration)
			
	# 5.42,执行get_throttles函数,得到限流对象列表
	def get_throttles(self):
		"""
		Instantiates and returns the list of throttles that this view uses.
		"""
		return [throttle() for throttle in self.throttle_classes]
			
			
			
class SimpleRateThrottle(BaseThrottle):

	"""
	A simple cache implementation, that only requires `.get_cache_key()`
	to be overridden.

	The rate (requests / seconds) is set by a `rate` attribute on the View
	class.  The attribute is a string of the form 'number_of_requests/period'.

	Period should be one of: ('s', 'sec', 'm', 'min', 'h', 'hour', 'd', 'day')

	Previous request information used for throttling is stored in the cache.
	"""
	cache = default_cache
	timer = time.time
	cache_format = 'throttle_%(scope)s_%(ident)s'
	scope = None
	THROTTLE_RATES = api_settings.DEFAULT_THROTTLE_RATES

	def __init__(self):
		if not getattr(self, 'rate', None):
			self.rate = self.get_rate()
		self.num_requests, self.duration = self.parse_rate(self.rate)
		
	

	def get_rate(self):
		"""
		Determine the string representation of the allowed request rate.
		"""
		if not getattr(self, 'scope', None):
			msg = ("You must set either `.scope` or `.rate` for '%s' throttle" %
				   self.__class__.__name__)
			raise ImproperlyConfigured(msg)

		try:
			return self.THROTTLE_RATES[self.scope]
		except KeyError:
			msg = "No default throttle rate set for '%s' scope" % self.scope
			raise ImproperlyConfigured(msg)

	def parse_rate(self, rate):
		"""
		Given the request rate string, return a two tuple of:
		<allowed number of requests>, <period of time in seconds>
		"""
		if rate is None:
			return (None, None)
		num, period = rate.split('/')
		num_requests = int(num)
		duration = {'s': 1, 'm': 60, 'h': 3600, 'd': 86400}[period[0]]
		return (num_requests, duration)

	
	## 主逻辑处理
	def allow_request(self, request, view):
		"""
		Implement the check to see if the request should be throttled.

		On success calls `throttle_success`.
		On failure calls `throttle_failure`.
		"""
		if self.rate is None:
			return True
			
			
		# 获取请求用户的IP
		self.key = self.get_cache_key(request, view)
		if self.key is None:
			return True
		
		# 根据IP获取他的所有访问记录,[]
		self.history = self.cache.get(self.key, [])
		self.now = self.timer()

		# Drop any requests from the history which have now passed the throttle duration
		
		# 处理判断: 可以访问或者抛出异常,执行以下wait方法
		while self.history and self.history[-1] <= self.now - self.duration:
			self.history.pop()
		if len(self.history) >= self.num_requests:
			return self.throttle_failure()
		return self.throttle_success()

频率限制后的等待时间处理

def wait(self):
	"""
	Returns the recommended next request time in seconds.
	"""
	if self.history:
		remaining_duration = self.duration - (self.now - self.history[-1])
	else:
		remaining_duration = self.duration

	available_requests = self.num_requests - len(self.history) + 1
	if available_requests <= 0:
		return None

	return remaining_duration / float(available_requests)

得到访问者的ip地址或者是登录用户的用户信息:id

class ScopedRateThrottle(SimpleRateThrottle):

		
	def get_cache_key(self, request, view):
		"""
		If `view.throttle_scope` is not set, don't apply this throttle.

		Otherwise generate the unique cache key by concatenating the user id
		with the '.throttle_scope` property of the view.
		"""
		if request.user.is_authenticated:
			ident = request.user.pk
		else:
			ident = self.get_ident(request)

		return self.cache_format % {
			'scope': self.scope,
			'ident': ident
		}

配置文件

REST_FRAMEWORK = {
# 匿名用户与登录用户的节流类
"DEFAULT_THROTTLE_CLASSES": ['rest_framework.throttling.AnonRateThrottle','rest_framework.throttling.UserRateThrottle'],
# 两者分别的频率限制条件设置
"DEFAULT_THROTTLE_RATES": {"anon": '3/m',
                           "user": '3/m'},					
posted @ 2019-11-23 16:57  阿浪阿浪  阅读(376)  评论(0编辑  收藏  举报