针对特定方法的 Laravel API 速率限制器

发布于 2025-01-09 08:17:46 字数 422 浏览 4 评论 0原文

有没有办法对POST、PUT等特定方法应用速率限制（节流），以防止在几秒钟内命中多个API

我尝试对中的整个API应用限制>/app/Http/Kernel.php

protected $middlewareGroups = [
    'web' => [
        ...
    ],
    'api' => [
      'throttle:1,0.008', <<--- its prevent all api within 0.48 sec         
    ],
];

问题：

我们需要仅阻止选定的方法。

原文

Is there any way to apply rate limit (throttle) for specific method like POST, PUT to prevent multiple api hitting within seconds

I tried to apply limit for whole api in /app/Http/Kernel.php

protected $middlewareGroups = [
    'web' => [
        ...
    ],
    'api' => [
      'throttle:1,0.008', <<--- its prevent all api within 0.48 sec         
    ],
];

Problem :

we need to prevent only selected methods.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

累赘 2025-01-16 08:17:46

有多种方法可以做到这一点，您可以创建另一个中间件，您可以使用它并对要应用自定义限制的路由进行分组。

此外，您可以在定义路线时直接应用油门

Route::post('/wiggle', function () {
    //
})->middleware(['auth:api','throttle:1,0.008']);

或

Route::middleware(['auth:api','throttle:1,0.008'])->group(function () {
    Route::post('wiggle', [YourClass::class, 'wiggle'])->name('wiggle');
});

There are number of ways to do it, You can create another middleware which you can use and group the routes you want to apply custom throttle.

Additionally, you can straightly apply the throttle when defining a route

Route::post('/wiggle', function () {
    //
})->middleware(['auth:api','throttle:1,0.008']);

Route::middleware(['auth:api','throttle:1,0.008'])->group(function () {
    Route::post('wiggle', [YourClass::class, 'wiggle'])->name('wiggle');
});

回复收藏 0 原文

铃予 2025-01-16 08:17:46

您可以使用多种方式在 Laravel 中进行速率限制。

方法之一是中间件。银已经描述了方式。

第二种方法是使用 Illuminate\Support\Facades\RateLimiter （Laravel 8 或更高版本）

例如，如果您想发送电子邮件验证消息，速率限制为每 60 秒 1 条消息。

namespace App\Http\Controllers;

use Illuminate\Support\Facades\RateLimiter;

class EmailVerificationController extends Controller
{
    public function send(Request $request)
    {
        $user = Auth::user();
        $email = $request->input('email');

        $resendSmsTimeoutSecs = 60;
        $rateLimiterKey = 'email-verification:' . $email;
        RateLimiter::attempt($rateLimiterKey, 1,
            function () use ($user) {
                $user->sendEmailVerification();
            },
            $resendSmsTimeoutSecs
        );

        return response()->json([
            'resend_timeout' => RateLimiter::availableIn($rateLimiterKey)
        ]);
    }
}

关于 RateLimiter

You can use multiple ways to make rate limit in Laravel.

One of ways is Middleware. silver already describe the way.

Second way is using Illuminate\Support\Facades\RateLimiter (Laravel 8 or higher)

For example, if you want to send email verification messages with rate limit 1 message per 60 seconds.

namespace App\Http\Controllers;

use Illuminate\Support\Facades\RateLimiter;

class EmailVerificationController extends Controller
{
    public function send(Request $request)
    {
        $user = Auth::user();
        $email = $request->input('email');

        $resendSmsTimeoutSecs = 60;
        $rateLimiterKey = 'email-verification:' . $email;
        RateLimiter::attempt($rateLimiterKey, 1,
            function () use ($user) {
                $user->sendEmailVerification();
            },
            $resendSmsTimeoutSecs
        );

        return response()->json([
            'resend_timeout' => RateLimiter::availableIn($rateLimiterKey)
        ]);
    }
}

About RateLimiter

回复收藏 0 原文

小红帽 2025-01-16 08:17:46

使用 RateLimiter 的另一种方法如下：

$executed = RateLimiter::attempt('send-message',2,function(){});
if($executed){
    return response()->json([
       'test' => 'test success'
    ]);
}else{
   return response()->json('Too many attempts!');
}

$executed = RateLimiter::attempt('send-message',2,function(){
   return response()->json([
       'test' => 'test success'
    ]);
});
if(!$executed){
   return response()->json('Too many attempts!');
}
return $executed;

参考 Laravel速率限制文档

Another way to use the RateLimiter is as follows:

$executed = RateLimiter::attempt('send-message',2,function(){});
if($executed){
    return response()->json([
       'test' => 'test success'
    ]);
}else{
   return response()->json('Too many attempts!');
}

$executed = RateLimiter::attempt('send-message',2,function(){
   return response()->json([
       'test' => 'test success'
    ]);
});
if(!$executed){
   return response()->json('Too many attempts!');
}
return $executed;

Reference Laravel Rate Limiting docs

回复收藏 0 原文

~没有更多了~