基于主机地址的限速 http 请求
Rate limit http requests based on host address
我使用 Go 开发了一个 HTTP 服务器。现在我想实现一个速率限制器,这样我就可以检查来自特定 IP 的 HTTP 请求是否在 1 分钟内发送超过 10 个 HTTP 请求,我可以将该 IP 放入阻止列表中一段时间,比如(1 小时) ) 同时,同一订阅者正在发送请求,而 he/she 处于阻塞期,我将从 HTTP 服务器发送 429 错误响应。
我已经为此编写了代码,但在其中我能够阻止 IP 地址,但它会在 1 小时后解除对所有 IP 的阻止。我期待先到先得解封。
Package main
import (
"log"
"net/http"
"strings"
"time"
)
func main() {
fs := http.FileServer(http.Dir("./html/"))
http.Handle("/", fs)
log.Println("Listening..")
go clearLastRequestsIPs()
go clearBlockedIPs()
err := http.ListenAndServe(":8080", middleware(nil))
if err != nil {
log.Fatalln(err)
}
}
// Stores last requests IPs
var lastRequestsIPs []string
// Block IP for 1 hours
var blockedIPs []string
func middleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ipAddr := strings.Split(r.RemoteAddr, ":")[0]
if existsBlockedIP(ipAddr) {
http.Error(w, "", http.StatusTooManyRequests)
return
}
// how many requests the current IP made in last 5 mins
requestCounter := 0
for _, ip := range lastRequestsIPs {
if ip == ipAddr {
requestCounter++
}
}
if requestCounter >= 1000 {
blockedIPs = append(blockedIPs, ipAddr)
http.Error(w, "", http.StatusTooManyRequests)
return
}
lastRequestsIPs = append(lastRequestsIPs, ipAddr)
if next == nil {
http.DefaultServeMux.ServeHTTP(w, r)
return
}
next.ServeHTTP(w, r)
})
}
func existsBlockedIP(ipAddr string) bool {
for _, ip := range blockedIPs {
if ip == ipAddr {
return true
}
}
return false
}
func existsLastRequest(ipAddr string) bool {
for _, ip := range lastRequestsIPs {
if ip == ipAddr {
return true
}
}
return false
}
// Clears lastRequestsIPs array every 1 hrs
func clearLastRequestsIPs() {
for {
lastRequestsIPs = []string{}
time.Sleep(time.Hour * 1)
}
}
// Clears blockedIPs array every 1 hours
func clearBlockedIPs() {
for {
blockedIPs = []string{}
time.Sleep(time.Hour * 1)
}
}
你可以像这样使用一些中间件:
type Limiter struct {
ipCount map[string]int
sync.Mutex
}
var limiter Limiter
func init() {
limiter.ipCount = make(map[string]int)
}
func limit(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Get the IP address for the current user.
ip, _, err := net.SplitHostPort(r.RemoteAddr)
if err != nil {
log.Println(err.Error())
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
return
}
// Get the # of times the visitor has visited in the last 60 seconds
limiter.Lock()
count, ok := limiter.ipCount[ip]
if !ok {
limiter.ipCount[ip] = 0
}
if count > 10 {
limiter.Unlock()
http.Error(w, http.StatusText(429), http.StatusTooManyRequests)
return
} else {
limiter.ipCount[ip]++
}
time.AfterFunc(time.Second * 60, func() {
limiter.Lock()
limiter.ipCount[ip]--
limiter.Unlock()
})
if limiter.ipCount[ip] == 10 {
// set it to 20 so the decrement timers will only decrease it to
// 10, and they stay blocked until the next timer resets it to 0
limiter.ipCount[ip] = 20
time.AfterFunc(time.Hour, func() {
limiter.Lock()
limiter.ipCount[ip] = 0
limiter.Unlock()
})
}
limiter.Unlock()
next.ServeHTTP(w, r)
})
}
使用 golang 中的 rate.NewLimiter()。org/x/time/rate 包。
我使用 Go 开发了一个 HTTP 服务器。现在我想实现一个速率限制器,这样我就可以检查来自特定 IP 的 HTTP 请求是否在 1 分钟内发送超过 10 个 HTTP 请求,我可以将该 IP 放入阻止列表中一段时间,比如(1 小时) ) 同时,同一订阅者正在发送请求,而 he/she 处于阻塞期,我将从 HTTP 服务器发送 429 错误响应。
我已经为此编写了代码,但在其中我能够阻止 IP 地址,但它会在 1 小时后解除对所有 IP 的阻止。我期待先到先得解封。
Package main
import (
"log"
"net/http"
"strings"
"time"
)
func main() {
fs := http.FileServer(http.Dir("./html/"))
http.Handle("/", fs)
log.Println("Listening..")
go clearLastRequestsIPs()
go clearBlockedIPs()
err := http.ListenAndServe(":8080", middleware(nil))
if err != nil {
log.Fatalln(err)
}
}
// Stores last requests IPs
var lastRequestsIPs []string
// Block IP for 1 hours
var blockedIPs []string
func middleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ipAddr := strings.Split(r.RemoteAddr, ":")[0]
if existsBlockedIP(ipAddr) {
http.Error(w, "", http.StatusTooManyRequests)
return
}
// how many requests the current IP made in last 5 mins
requestCounter := 0
for _, ip := range lastRequestsIPs {
if ip == ipAddr {
requestCounter++
}
}
if requestCounter >= 1000 {
blockedIPs = append(blockedIPs, ipAddr)
http.Error(w, "", http.StatusTooManyRequests)
return
}
lastRequestsIPs = append(lastRequestsIPs, ipAddr)
if next == nil {
http.DefaultServeMux.ServeHTTP(w, r)
return
}
next.ServeHTTP(w, r)
})
}
func existsBlockedIP(ipAddr string) bool {
for _, ip := range blockedIPs {
if ip == ipAddr {
return true
}
}
return false
}
func existsLastRequest(ipAddr string) bool {
for _, ip := range lastRequestsIPs {
if ip == ipAddr {
return true
}
}
return false
}
// Clears lastRequestsIPs array every 1 hrs
func clearLastRequestsIPs() {
for {
lastRequestsIPs = []string{}
time.Sleep(time.Hour * 1)
}
}
// Clears blockedIPs array every 1 hours
func clearBlockedIPs() {
for {
blockedIPs = []string{}
time.Sleep(time.Hour * 1)
}
}
你可以像这样使用一些中间件:
type Limiter struct {
ipCount map[string]int
sync.Mutex
}
var limiter Limiter
func init() {
limiter.ipCount = make(map[string]int)
}
func limit(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Get the IP address for the current user.
ip, _, err := net.SplitHostPort(r.RemoteAddr)
if err != nil {
log.Println(err.Error())
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
return
}
// Get the # of times the visitor has visited in the last 60 seconds
limiter.Lock()
count, ok := limiter.ipCount[ip]
if !ok {
limiter.ipCount[ip] = 0
}
if count > 10 {
limiter.Unlock()
http.Error(w, http.StatusText(429), http.StatusTooManyRequests)
return
} else {
limiter.ipCount[ip]++
}
time.AfterFunc(time.Second * 60, func() {
limiter.Lock()
limiter.ipCount[ip]--
limiter.Unlock()
})
if limiter.ipCount[ip] == 10 {
// set it to 20 so the decrement timers will only decrease it to
// 10, and they stay blocked until the next timer resets it to 0
limiter.ipCount[ip] = 20
time.AfterFunc(time.Hour, func() {
limiter.Lock()
limiter.ipCount[ip] = 0
limiter.Unlock()
})
}
limiter.Unlock()
next.ServeHTTP(w, r)
})
}
使用 golang 中的 rate.NewLimiter()。org/x/time/rate 包。