Yii2 限速 API [英] Yii2 Rate Limiting Api

问题描述

我担心 Yii2 限速 api?

I'm worried about Yii2 Rate limiting api?

什么是限速api，为什么要用这个?

What is Rate limiting api, why this used?

这里有一些来自 Yii2 的方法yii 大师能否简单解释一下这些方法，我应该在我的 api 中何时何地使用速率限制?

Here are some methods from Yii2 Can a yii guru explain in simple words about these methods, where and when I should use rate limiting in my api?

public function getRateLimit($request, $action)
{
    return [$this->rateLimit, 1]; // $rateLimit requests per second
}

public function loadAllowance($request, $action)
{
    return [$this->allowance, $this->allowance_updated_at];
}

public function saveAllowance($request, $action, $allowance, $timestamp)
{
    $this->allowance = $allowance;
    $this->allowance_updated_at = $timestamp;
    $this->save();
} 

推荐答案

方法

getRateLimit()、loadAllowance() 和 saveAllowance() 是 \yii\filters\RateLimitInterface 中包含的三个方法 用户身份类应实现的接口以启用您的 api 的速率限制.

getRateLimit(), loadAllowance() and saveAllowance() are three methods contained in the \yii\filters\RateLimitInterface Inteface that the user identity class should implement for enable rate limiting of your api.

getRateLimit() 是第一个方法，它返回您可以在 x 秒内执行的最大 api 调用次数:

getRateLimit() is the first method and it returns the maximum number of api calls that you can do in x seconds:

public function getRateLimit($request, $action) {
    return [1,20]; // There can be 1 api call every 20 seconds
}

loadAllowance() 返回剩余的允许请求的数量，并带有上次检查这些请求的相应 UNIX 时间戳.

loadAllowance() return the number of the remaining allowed requests with the corresponding UNIX timestamp of the last time these where checked.

public function loadAllowance($request, $action)
{
    return [$this->allowance, $this->allowance_updated_at]; 
}

saveAllowance() 将剩余允许请求的值分配给 $this->allowance 并将时间戳保存在 $this->allowance_updated_at 中.

saveAllowance() assign to $this->allowance the value of remaining allowed requests and save the timestamp in $this->allowance_updated_at.

public function saveAllowance($request, $action, $allowance, $timestamp)
{
    $this->allowance = $allowance; //Saving Remaining Requests
    $this->allowance_updated_at = $timestamp; // Saving Timestamp
    $this->save(); //Save the model
} 

实施

这是在我的示例应用程序中实现速率限制的方式(使用高级模板):

This is how implemented the Rate Limiting in my example application (using advanced template):

1 设置用户身份类别

在 api 应用程序的 config/main.php 中设置 user 组件.

In the config/main.php of your api application set the user component.

'user' => [
        'identityClass' => 'api\models\User', // User Model for your api
        'enableSession' => false, 
        'loginUrl' => null,        
    ],

2 创建用户模型

这个模型应该实现\yii\filters\RateLimitInterface:

这是我的:

class User extends \common\models\User implements \yii\filters\RateLimitInterface
{

    public $rateLimit = 1;
    public $allowance;
    public $allowance_updated_at;

    public function getRateLimit($request, $action) {
        return [$this->rateLimit,1];
    }

    public function loadAllowance($request, $action)
    {
        return [$this->allowance, $this->allowance_updated_at];
    }

    public function saveAllowance($request, $action, $allowance, $timestamp)
    {
        $this->allowance = $allowance;
        $this->allowance_updated_at = $timestamp;
        $this->save();
    }

}

在这两步之后，Yii 将自动使用 yii\filters\RateLimiter 配置为 yii\rest\Controller 的动作过滤器来执行速率限制检查(如引用文档).

After these two step Yii will automatically use yii\filters\RateLimiter configured as an action filter for yii\rest\Controller to perform rate limiting check (as cited in the documentation).

您必须做的最后一件事是在您的休息控制器行为中禁用速率限制标头:

The last thing you have to do is disable the Rate limit header in your rest controller behaviors:

public function behaviors()
{
    $behaviors = parent::behaviors();
    $behaviors['rateLimiter']['enableRateLimitHeaders'] = false;
    return $behaviors;
}

何时应该在应用程序中使用速率限制

Api 调用从您的数据库返回数据(使用您的过滤器)，因此当它们被调用时，服务器会执行查询.调用次数越多，执行的查询次数也越多，

Api calls return data (with your filters) from your database so when they're called the server execute queries. More are the calls more are also the number of queries that are execute,

您必须限制调用次数，以防止服务器繁重的工作以及由此导致的系统故障.

You must limit the number of the calls in order to prevent Server heavy works and a resulting fallout of your system.

希望这会有所帮助.我不会远离 Yii2 指南，但我认为我无法以更简单的方式解释这一点.

Hope this will help. I'm not going far from the Yii2 Guide, but i don't think i can explain this in a simplier way.

这篇关于Yii2 限速 API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！