rom*_*man 5 ruby rack throttling ruby-on-rails rate-limiting
我rack-throttle在rails 3应用程序中用作速率限制引擎.我已经基于Rack::Throttle::Interval定义自定义速率限制逻辑创建了自己的类.我正在检查请求是否是针对确切的控制器和确切的操作.如果我提出GET请求,这很好.但是如果我发送POST请求我会遇到一些问题.
class CustomLimiter < Rack::Throttle::Interval
def allowed?(request)
path_info = Rails.application.routes.recognize_path request.url rescue path_info = {}
if path_info[:controller] == "some_controller" and path_info[:action] == "some_action"
super
else
true
end
end
end
这是我的控制器动作
def question
#user is redirected here
end
def check_answer
#some logic to check answer
redirect_to question_path
end
我的路线
get "questions" => "application#question", :as => "question"
post "check_answer" => "application#check_answer", :as => "check_answer"
编辑:
问题是POST请求即将到来,以便allowed?调用方法.但是当我打电话给Rails.application.routes.recognize_path我时,我得到一个Route set not finalized例外 如何防止用户在确切的控制器的确切操作的帮助下发送大量的帖子请求rack-throttle
中间件已添加进来 application.rb
class Application < Rails::Application
#Set up rate limiting
config.require "ip_limiter"
config.require "ip_user_agent_limiter"
config.middleware.use IpLimiter, :min => 0.2
config.middleware.use IpUserAgentLimiter, :min => 2
end
双方IpLimiter并IpUserAgentLimiter从限定制衍生
阅读 Rails.application.routes.recognize_path ( http://apidock.com/rails/ActionDispatch/Routing/RouteSet/recognize_path )的代码后,此方法获得第二个参数,您可以在其中传递方法。
尝试使用:
path_info = Rails.application.routes.recognize_path(request.url, {:method => request.request_method}) rescue path_info = {}
毕竟我想方法是可行的。