swh.web.api.throttling module
- class swh.web.api.throttling.SwhWebRateThrottle[source]
Bases:
rest_framework.throttling.ScopedRateThrottleCustom DRF request rate limiter for anonymous users
Requests are grouped into scopes. It enables to apply different requests rate limiting based on the scope name but also the input HTTP request types.
To associate a scope to requests, one must add a ‘throttle_scope’ attribute when using a class based view, or call the ‘throttle_scope’ decorator when using a function based view. By default, requests do not have an associated scope and are not rate limited.
Rate limiting can also be configured according to the type of the input HTTP requests for fine grained tuning.
- For instance, the following YAML configuration section sets a rate of:
1 per minute for POST requests
60 per minute for other request types
for the ‘swh_api’ scope while exempting those coming from the 127.0.0.0/8 ip network.
throttling: scopes: swh_api: limiter_rate: default: 60/m POST: 1/m exempted_networks: - 127.0.0.0/8
- scope = None
- get_cache_key(request, view)[source]
If view.throttle_scope is not set, don’t apply this throttle.
Otherwise generate the unique cache key by concatenating the user id with the ‘.throttle_scope` property of the view.
- get_exempted_networks(scope_name: str) List[Union[ipaddress.IPv4Network, ipaddress.IPv6Network]][source]
- class swh.web.api.throttling.SwhWebUserRateThrottle[source]
Bases:
swh.web.api.throttling.SwhWebRateThrottleCustom DRF request rate limiter for authenticated users
It has the same behavior than
swh.web.api.throttling.SwhWebRateThrottleexcept the number of allowed requests for each throttle scope is increased by a 1Ox factor.- NUM_REQUESTS_FACTOR = 10
- get_cache_key(request, view)[source]
If view.throttle_scope is not set, don’t apply this throttle.
Otherwise generate the unique cache key by concatenating the user id with the ‘.throttle_scope` property of the view.