在 wso2 api 管理器(3.2.0)中:
现在,我想限制每个用户对每个资源的请求率,例如通过对令牌施加限制。我怎样才能实现这个目标?
要实现每个用户限速,需要编写自定义限速策略。
转到管理门户,速率限制策略 -> 自定义策略并添加您想要的自定义策略。
以下是API级别的自定义速率限制策略示例,为管理员用户定义每分钟5个请求的限制。
名称:自定义策略
描述:自定义策略示例。
关键模板:$userId:$apiContext:$apiVersion
悉地查询:
FROM RequestStream
SELECT userId, ( userId == '[email protected]' and apiContext == '/pizzashack/1.0.0' and apiVersion == '1.0.0') AS isEligible ,
str:concat('[email protected]',':','/pizzashack/1.0.0:1.0.0') as throttleKey
INSERT INTO EligibilityStream;
FROM EligibilityStream [isEligible==true] #throttler:timeBatch(1 min)
SELECT throttleKey, (count(throttleKey) >= 5) as isThrottled, expiryTimeStamp group by throttleKey
INSERT ALL EVENTS into ResultStream;
要编写资源级自定义限制,请按照以下示例操作。
密钥模板:$userId:$resourceKey
悉地查询:
FROM RequestStream
SELECT userId, ( userId == '[email protected]' and resourceKey == '/pizzashack/1.0.0/1.0.0/*:GET') AS isEligible ,
str:concat('[email protected]',':',resourceKey) as throttleKey
INSERT INTO EligibilityStream;
FROM EligibilityStream [isEligible==true] #throttler:timeBatch(1 min)
SELECT throttleKey, (count(throttleKey) >= 5) as isThrottled, expiryTimeStamp group by throttleKey
INSERT ALL EVENTS into ResultStream;
您可以参考文档[1]以进一步参考。
[1] https://apim.docs.wso2.com/en/3.2.0/learn/rate-limiting/advanced-topics/custom-throtdling/