django-ratelimitCache-based rate-limiting for Django | |
Download |
django-ratelimit Ranking & Summary
Advertisement
django-ratelimit Tags
django-ratelimit Description
Cache-based rate-limiting for Django django-ratelimit is a Django app that provides a decorator to rate-limit views. Limiting can be based on IP address or a field in the request--either a GET or POST variable.If the rate limit is exceded, either a 403 Forbidden can be sent, or the request can be annotated with a limited attribute, allowing you to take another action like adding a captcha to a form.Using Django Ratelimitfrom ratelimit.decorators import ratelimit is the biggest thing you need to do. The @ratelimit decorator provides several optional arguments with sensible defaults (in italics).ip: Whether to rate-limit based on the IP. Trueblock: Whether to block the request instead of annotating. Falsemethod: Which HTTP method(s) to rate-limit. May be a string or a list. allfield: Which HTTP field(s) to use to rate-limit. May be a string or a list. nonerate: The number of requests per unit time allowed. 5/mExamples:@ratelimit()def myview(request): # Will be true if the same IP makes more than 5 requests/minute. was_limited = getattr(request, 'limited', False) return HttpResponse()@ratelimit(block=True)def myview(request): # If the same IP makes >5 reqs/min, will return HttpResponseForbidden return HttpResponse()@ratelimit(field='username')def login(request): # If the same username OR IP is used >5 times/min, this will be True. # The `username` value will come from GET or POST, determined by the # request method. was_limited = getattr(request, 'limited', False) return HttpResponse()@ratelimit(method='POST')def login(request): # Only apply rate-limiting to POSTs. return HttpResponseRedirect()@ratelimit(field=)def login(request): # Use multiple field values. return HttpResponse()@ratelimit(rate='4/h')def slow(request): # Allow 4 reqs/hour. return HttpResponse() Requirements: · Python · Django
django-ratelimit Related Software