Koa.js 限流中间件 koa-ratelimit

最初是 TJ 2013年写的模块。可以使用redis或者内存模式。当一定的时间内请求次数超过阀值,返回429错误。


可以参考 API Rate Limiting 限速 https://javascript.net.cn/article?id=623,这个是基于IP的。在nginx做代理的情况下,还可以基于IP或者请求再次限流 https://javascript.net.cn/article?id=753


Installation 安装

# npm
$ npm install koa-ratelimit
# yarn
$ yarn add koa-ratelimit


Example 例子

With a Redis driver 使用 redis 缓存驱动

const Koa = require('koa');
const ratelimit = require('koa-ratelimit');
const Redis = require('ioredis');
const app = new Koa();

// apply rate limit
app.use(ratelimit({
  driver: 'redis',
  db: new Redis(),
  duration: 60000,
  errorMessage: 'Sometimes You Just Have to Slow Down.',
  id: (ctx) => ctx.ip,
  headers: {
    remaining: 'Rate-Limit-Remaining',
    reset: 'Rate-Limit-Reset',
    total: 'Rate-Limit-Total'
  },
  max: 100,
  disableHeader: false,
  whitelist: (ctx) => {
    // some logic that returns a boolean
  },
  blacklist: (ctx) => {
    // some logic that returns a boolean
  }
}));

// response middleware
app.use(async (ctx) => {
  ctx.body = 'Stuff!';
});

// run server
app.listen(
  3000,
  () => console.log('listening on port 3000')
);


With a memory driver 使用内存驱动

const Koa = require('koa');
const ratelimit = require('koa-ratelimit');
const app = new Koa();

// apply rate limit
const db = new Map();

app.use(ratelimit({
  driver: 'memory',
  db: db,
  duration: 60000,
  errorMessage: 'Sometimes You Just Have to Slow Down.',
  id: (ctx) => ctx.ip,
  headers: {
    remaining: 'Rate-Limit-Remaining',
    reset: 'Rate-Limit-Reset',
    total: 'Rate-Limit-Total'
  },
  max: 100,
  disableHeader: false,
  whitelist: (ctx) => {
    // some logic that returns a boolean
  },
  blacklist: (ctx) => {
    // some logic that returns a boolean
  }
}));

// response middleware
app.use(async (ctx) => {
  ctx.body = 'Stuff!';
});

// run server
app.listen(
  3000,
  () => console.log('listening on port 3000')
);


Options 设置

  • driver memory or redis [redis]
  • db redis connection instance or Map instance (memory)
  • duration of limit in milliseconds [3600000] 持续时间,单位毫秒
  • errorMessage custom error message
  • id id to compare requests [ip]
  • headers custom header names
  • max max requests within duration [2500] 持续时间内的最大请求数
  • disableHeader set whether send the remaining, reset, total headers [false]
  • remaining remaining number of requests ['X-RateLimit-Remaining']
  • reset reset timestamp ['X-RateLimit-Reset']
  • total total number of requests ['X-RateLimit-Limit']
  • whitelist if function returns true, middleware exits before limiting
  • blacklist if function returns true, 403 error is thrown
  • throw call ctx.throw if true


Responses

Example 200 with header fields:

HTTP/1.1 200 OK
X-Powered-By: koa
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 99
X-RateLimit-Reset: 1384377793
Content-Type: text/plain; charset=utf-8
Content-Length: 6
Date: Wed, 13 Nov 2013 21:22:13 GMT
Connection: keep-alive

Stuff!

Example 429 response:

HTTP/1.1 429 Too Many Requests
X-Powered-By: koa
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1384377716
Content-Type: text/plain; charset=utf-8
Content-Length: 39
Retry-After: 7
Date: Wed, 13 Nov 2013 21:21:48 GMT
Connection: keep-alive

Rate limit exceeded, retry in 8 seconds



来源:

https://github.com/koajs/ratelimit

修改时间 2021-12-15

声明:本站所有文章和图片,如无特殊说明,均为原创发布。商业转载请联系作者获得授权,非商业转载请注明出处。
真诚赞赏,手留余香
赞赏
随机推荐
Wordpress 主样式表(style.css)
WordPress 实现自定义 Ajax 请求
CSS 媒体特性 prefers-color-scheme
uni-app 实现暗黑模式/夜间模式/深色模式/暗黑主题(DarkMode)的几种方法
WordPress 引入自定义 JavaScript 文件
WordPress 自定义文章类型
WordPress 分页
MySQL 使用 DATE_FORMAT() 和 FROM_UNIXTIME() 格式化时间