Entrance: self.initial. 1) of APIView dispath method (Request, * args, ** keargs) into point 2 ) Self. check_throttles (request) frequency authentication DEF check_throttles (Self, Request): "" " . the Check IF Request Should BE Throttled Raises AN Appropriate Exception IF The Request IS Throttled. " "" throttle_durations = [] # traverse configured frequency authentication class, initialized via a frequency certification class object, calls the __init__ method frequency certification class # target frequency certification class call allow_request method to determine whether the limited time (no time limit accessibility, limited time inaccessible) # frequency certification class object after the call to limit the wait method, how long can get need to wait for the next visit # Note: the frequency components are certified class inherits SimpleRateThrottle for Throttle in self.get_throttles(): if not throttle.allow_request(request, self): throttle_durations.append(throttle.wait()) # 只要频率限制了,allow_request 返回False了,才会调用wait if throttle_durations: durations = [ duration for duration in throttle_durations if duration is not None ] duration = max(durations, default=None) self.throttled(request, duration)
Custom frequency class
1 ) the frequency of a custom class inherits class SimpleRateThrottle 2 ) setting a scope attribute class, see the name of any attribute named string EENOW 3 ) in settings.py configuration file, the configuration CEFALUT_THROTTLE_RATES drf the format { scope string: ' frequency / time ' } 4 ) in a custom class frequency override get_cache_key method # subject to regulation and restriction information related to the return string # object does not limit the return None, only return None, it is not False or to ""
Custom text columns frequency classes: from rest_framework.throttling Import SimpleRateThrottle class SMSRateThrottle (SimpleRateThrottle): scope = ' SMS ' # only to get the phone number of the methods to be limiting submitted DEF get_cache_key (Self, Request, View): Mobile = request.query_params .get ( ' Mobile ' ) # no phone number, do not limit frequency IF not Mobile: return None # returned phone number can change dynamically, and difficult to duplicate strings, as the cache key operation return ' Throttle _% (scope ) S _% (ident) S ' % {'scope': self.scope, 'ident': mobile}
In the configuration in settings.py
# DRF Configure REST_FRAMEWORK = { # frequency limits configuration ' DEFAULT_THROTTLE_RATES ' : { ' SMS ' : ' . 3 / min ' }, }
In the view: views.py in
from .throttles Import SMSRateThrottle class TestSMSAPIView (APIView): # partially disposed frequency authentication throttle_classes = [SMSRateThrottle] DEF GET (Self, Request, * args, ** kwargs): return APIResponse (0, ' GET get codes the OK ' ) DEF POST (Self, Request, * args, ** kwargs): return APIResponse (0, ' POST codes acquiring the OK ' )
url(r'^sms/$',views.TestSMSAPIView.as_view())
Restrictions interfaces
# ? Only on / api / sms / mobile = specific phone number interfaces will have a frequency limit # 1) to / api / sms / or other interfaces = send unlimited example: tp: //127.0.0.1: 8000 / API / the SMS / # 2) on the mobile database submitted / api / sms / interfaces unlimited example: TP: //127.0.0.1: 8000 / api / sms / mobile = 123? # 3) for not mobile (such as phone ) submitted by telephone interface unlimited field
Figure certification rules:
django not separated
drf classification
Database session Certification: inefficient