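Tollbooth is an HTTP rate-limiting middleware written in Go. It can be used to limit the rate of each HTTP request. For example, you can leave / unlimited while capping how many POST requests per second each IP may send to /login.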
Rate-limit by request's remote IP, path, methods, custom headers, & basic auth usernames.
    limiter := tollbooth.NewLimiter(1, time.Second)

    // Limit only GET and POST requests.
    limiter.Methods = []string{"GET", "POST"}

    // Limit request headers containing certain values.
    // Typically, you prefetched these values from the database.
    limiter.Headers = make(map[string][]string)
    limiter.Headers["X-Access-Token"] = []string{"abc123", "xyz098"}

    // Limit based on basic auth usernames.
    // Typically, you prefetched these values from the database.
    limiter.BasicAuthUsers = []string{"bob", "joe", "didip"}
Each request handler can be rate-limited individually.
Compose your own middleware by using LimitByKeys().
Tollbooth does not require external storage since it uses an algorithm called Token Bucket (Go library: ratelimit).
Usage in a Go program:
    package main

    import (
        "net/http"
        "time"

        "github.com/didip/tollbooth"
    )

    func HelloHandler(w http.ResponseWriter, req *http.Request) {
        w.Write([]byte("Hello, World!"))
    }

    func main() {
        // You can create a generic limiter for all your handlers
        // or one for each handler. Your choice.
        // This limiter basically says: allow at most 1 request per 1 second.
        limiter := tollbooth.NewLimiter(1, time.Second)

        // This is an example on how to limit only GET and POST requests.
        limiter.Methods = []string{"GET", "POST"}

        // You can also limit by specific request headers, containing certain values.
        // Typically, you prefetched these values from the database.
        limiter.Headers = make(map[string][]string)
        limiter.Headers["X-Access-Token"] = []string{"abc123", "xyz098"}

        // And finally, you can limit access based on basic auth usernames.
        // Typically, you prefetched these values from the database as well.
        limiter.BasicAuthUsers = []string{"bob", "joe", "didip"}

        // Example on how to wrap your request handler.
        http.Handle("/", tollbooth.LimitFuncHandler(limiter, HelloHandler))
        http.ListenAndServe(":12345", nil)
    }
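How a token bucket can cap POST requests to /login per client IP with no external storage, as an added example that is not Tollbooth's code or API. `bucket`, `Limiter`, `Allow` and `Demo` are hypothetical names, and the addresses in `Demo` are constructed sample values.

```go
package main

import (
	"fmt"
	"math"
	"net"
	"sync"
	"time"
)

type bucket struct {
	used float64   // tokens spent; the zero value is a full bucket
	last time.Time // when used was last updated
}

// Limiter is a hypothetical in-memory limiter (not Tollbooth's type): one bucket per key.
type Limiter struct {
	mu         sync.Mutex
	rate, size float64 // tokens refilled per second, burst capacity
	buckets    map[string]bucket
}

// Allow keys on r.RemoteAddr's IP (the socket peer, not X-Forwarded-For), method and path.
func (l *Limiter) Allow(remoteAddr, method, path string, now time.Time) bool {
	ip, _, _ := net.SplitHostPort(remoteAddr) // the source port differs per connection
	key := ip + "|" + method + "|" + path
	l.mu.Lock()
	defer l.mu.Unlock()
	b := l.buckets[key]
	b.used, b.last = math.Max(0, b.used-now.Sub(b.last).Seconds()*l.rate), now // refill
	ok := b.used+1 <= l.size
	if ok {
		b.used++
	}
	l.buckets[key] = b
	return ok
}

// Demo replays constructed requests at 1 request/second and returns each decision.
func Demo() []bool {
	l, t0 := &Limiter{rate: 1, size: 1, buckets: map[string]bucket{}}, time.Unix(0, 0)
	return []bool{
		l.Allow("192.0.2.1:5000", "POST", "/login", t0),                  // first request
		l.Allow("192.0.2.1:5001", "POST", "/login", t0),                  // same IP, bucket empty
		l.Allow("198.51.100.7:5000", "POST", "/login", t0),               // other IP, own bucket
		l.Allow("192.0.2.1:5002", "POST", "/login", t0.Add(time.Second)), // one token refilled
	}
}

func main() { fmt.Println(Demo()) }
```

The map gains an entry for every distinct key and nothing here expires idle ones, so a long-running service needs an eviction pass to bound memory. An address without a port leaves the IP part empty, which puts all such callers in one shared bucket.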