We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
desec-stack
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 96c85bfb59
Branches Tags
desec-stack
/
api
/
desecapi
/
throttling.py

throttling.py 2.4 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 
  1. from rest_framework import throttling
    2. 

  2. from rest_framework.settings import api_settings
    3. 

  3. 

  4. 

  5. class ScopedRatesThrottle(throttling.ScopedRateThrottle):
    6. 

  6.     """
    7. 

  7.     Like DRF's ScopedRateThrottle, but supports several rates per scope, e.g. for burst vs. sustained limit.
    8. 

  8.     """
    9. 

  9.     def parse_rate(self, rates):
    10. 

  10.         return [super(ScopedRatesThrottle, self).parse_rate(rate) for rate in rates]
    11. 

  11. 

  12.     def allow_request(self, request, view):
    13. 

  13.         # We can only determine the scope once we're called by the view.
    14. 

  14.         self.scope = getattr(view, self.scope_attr, None)
    15. 

  15. 

  16.         # If a view does not have a `throttle_scope` always allow the request
    17. 

  17.         if not self.scope:
    18. 

  18.             return True
    19. 

  19. 

  20.         # Determine the allowed request rate as we normally would during
    21. 

  21.         # the `__init__` call.
    22. 

  22.         self.rate = self.get_rate()
    23. 

  23.         if self.rate is None:
    24. 

  24.             return True
    25. 

  25. 

  26.         self.now = self.timer()
    27. 

  27.         self.num_requests, self.duration = zip(*self.parse_rate(self.rate))
    28. 

  28.         self.key = self.get_cache_key(request, view)
    29. 

  29.         self.history = {key: [] for key in self.key}
    30. 

  30.         self.history.update(self.cache.get_many(self.key))
    31. 

  31. 

  32.         for num_requests, duration, key in zip(self.num_requests, self.duration, self.key):
    33. 

  33.             history = self.history[key]
    34. 

  34.             # Drop any requests from the history which have now passed the
    35. 

  35.             # throttle duration
    36. 

  36.             while history and history[-1] <= self.now - duration:
    37. 

  37.                 history.pop()
    38. 

  38.             if len(history) >= num_requests:
    39. 

  39.                 # Prepare variables used by the Throttle's wait() method that gets called by APIView.check_throttles()
    40. 

  40.                 self.num_requests, self.duration, self.key, self.history = num_requests, duration, key, history
    41. 

  41.                 return self.throttle_failure()
    42. 

  42.             self.history[key] = history
    43. 

  43.         return self.throttle_success()
    44. 

  44. 

  45.     def throttle_success(self):
    46. 

  46.         for key in self.history:
    47. 

  47.             self.history[key].insert(0, self.now)
    48. 

  48.         self.cache.set_many(self.history, max(self.duration))
    49. 

  49.         return True
    50. 

  50. 

  51.     # Override the static attribute of the parent class so that we can dynamically apply override settings for testing
    52. 

  52.     @property
    53. 

  53.     def THROTTLE_RATES(self):
    54. 

  54.         return api_settings.DEFAULT_THROTTLE_RATES
    55. 

  55. 

  56.     def get_cache_key(self, request, view):
    57. 

  57.         key = super().get_cache_key(request, view)
    58. 

  58.         return [f'{key}_{duration}' for duration in self.duration]
    59.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5