HTTP请求限速中间件:Tollbooth

nwbg 9年前

Tollbooth 是一个用 Go 语言编写的用来限制 HTTP 访问速度的中间件,可用来限制每个 HTTP 请求的传输速率。例如你可以不限制 / 的访问速率,但是可以针对 /login 限制每个 IP 每秒最多 POST 多少个请求。

Features

  1. Rate-limit by request's remote IP, path, methods, custom headers, & basic auth usernames.

    limiter := tollbooth.NewLimiter(1, time.Second)    // Limit only GET and POST requests.  limiter.Methods = []string{"GET", "POST"}    // Limit request headers containing certain values.  // Typically, you prefetched these values from the database.  limiter.Headers = make(map[string][]string)  limiter.Headers["X-Access-Token"] = []string{"abc123", "xyz098"}    // Limit based on basic auth usernames.  // Typically, you prefetched these values from the database.  limiter.BasicAuthUsers = []string{"bob", "joe", "didip"}
  2. Each request handler can be rate-limited individually.

  3. Compose your own middleware by usingLimitByKeys().

  4. Tollbooth does not require external storage since it uses an algorithm called Token Bucket (Go library: ratelimit).


Go 程序中使用的方法:

package main     import (      "github.com/didip/tollbooth"      "net/http"      "time"  )     func HelloHandler(w http.ResponseWriter, req *http.Request) {      w.Write([]byte("Hello, World!"))  }     func main() {      // You can create a generic limiter for all your handlers      // or one for each handler. Your choice.      // This limiter basically says: allow at most 1 request per 1 second.      limiter := tollbooth.NewLimiter(1, time.Second)         // This is an example on how to limit only GET and POST requests.      limiter.Methods = []string{"GET", "POST"}         // You can also limit by specific request headers, containing certain values.      // Typically, you prefetched these values from the database.      limiter.Headers = make(map[string][]string)      limiter.Headers["X-Access-Token"] = []string{"abc123", "xyz098"}         // And finally, you can limit access based on basic auth usernames.      // Typically, you prefetched these values from the database as well.      limiter.BasicAuthUsers = []string{"bob", "joe", "didip"}         // Example on how to wrap your request handler.      http.Handle("/", tollbooth.LimitFuncHandler(limiter, HelloHandler))      http.ListenAndServe(":12345", nil)

项目主页:http://www.open-open.com/lib/view/home/1432357728755