A rate limiting decorator for Django
Project description
django-rated
A rate limiting decorators for Django
Introduction
`rated`` allows you to limit request rates a single client may attempt on views in 'realms' of your site.
You control which views are in which 'realm' by either decorating the view, or adding the url pattern into the realm map.
rated
will keep track of how many requests, and when, a client has made and, if they've exceeded their limit, will return a configurable response -- 503 - Service Unavailable
by default.
Installing
Decorate your views:
@rate_limit('myrealm')
def myview(request):
Configuring
Next, configure your realms.
This is done by defining them in the RATED_REALMS setting. This is a dict where the keys are realm names, and the values are dicts of configs.
A realm config may contain any of the following keys. Any omitted fall back to the defaults from the settings below.
allowed: A list of IPs to exclude from rate limiting.
duration: Time after which any requests are forgotten
limit: Number of requests before limiting is applied.
code: HTTP Status code to use when limiting is applied.
message: Response content to return when limiting is applied.
If you're planning to put all limited views into the one realm, you don't need to define RATED_REALMS - the defaults will be used instead.
Assign Realms
There are three ways to apply rate limits. Either decorate the view directly, add a realm with the same url pattern name, or map the url pattern name to a realm.
You can add mark a view as in the default realm simply:
from rated.decorators import rate_limit
@rate_limit
def myview(...)
To add it to a specific realm:
@rated_realm(realm='other')
def myview(...)
Otherwise, if the url pattern is named, and the name matches a realm name, it will be considered part of that realm. There is also the RATED_REALM_MAP, which will map url pattern names to realm names. The url pattern name is always mapped through here.
Settings
RATED_DEFAULT_TIMEOUT:
How long an access history persists with no accesses.
Default: 1 hour
RATED_DEFAULT_LIMIT:
Limit of how many requests an individual client is permitted per hour.
Default: 100
RATED_RESPONSE_CODE:
HTTP Status code to return when a request is limited.
Default: 429
RATED_RESPONSE_MESSAGE:
Content to include in response when a request is limited.
Default: ''
RATED_REALMS:
A dict of config dicts.
The keys are realm names.
The values are dicts containing overrides for 'limit', 'timeout' and 'allowed'.
Default: {}
RATED_REDIS:
Redis config settings.
These will be passed directly to create a redis.ConnectionPool instance.
RATED_DEFAULT_ALLOWED:
A list of IPs which are exempt from rate limiting.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file django-rated-2.0.0.tar.gz
.
File metadata
- Download URL: django-rated-2.0.0.tar.gz
- Upload date:
- Size: 5.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.4
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8a69f9eef2e88dc7f57e942fa8de06a23111dc279f5902cac10b60ccce1ffbe7 |
|
MD5 | b29e29f9e1f8f1cc3db78e6e7f071e89 |
|
BLAKE2b-256 | 41269aa620686af177e455cf9b9afa519c2d85e43749462da049f5f54ebacbde |
File details
Details for the file django_rated-2.0.0-py3-none-any.whl
.
File metadata
- Download URL: django_rated-2.0.0-py3-none-any.whl
- Upload date:
- Size: 6.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.4
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | a0cfd2a0c0af638e13ee17a77858f61c4940b4b6f111b30783dd63bcc0ff0d44 |
|
MD5 | 3d45f56e61969e8d39f283dc30f43a7a |
|
BLAKE2b-256 | 95c1a94d882ad1567afeb6867179ed5c94bec965d7c9955b07b99b8b85b07f7c |