I have a WebApi in ASP.NET MVC and I need to control the limit of access and besides that I need to change the values of the limits at run time. I implemented like this example on this site WebApiThrottle (section Update rate limits at runtime )
That's the code in my WebApiConfig:
//trace provider
var traceWriter = new SystemDiagnosticsTraceWriter()
{
IsVerbose = true
};
config.Services.Replace(typeof(ITraceWriter), traceWriter);
config.EnableSystemDiagnosticsTracing();
//Web API throttling handler
config.MessageHandlers.Add(new ThrottlingHandler(
policy: new ThrottlePolicy(perMinute: 3, perHour: 30, perDay: 35, perWeek: 3000)
{
//scope to IPs
IpThrottling = true,
//scope to clients
ClientThrottling = true,
ClientRules = new Dictionary<string, RateLimits>
{
{ "client-key-1", new RateLimits { PerMinute = 1, PerHour = 60 } }
},
//scope to endpoints
EndpointThrottling = true
},
//replace with PolicyMemoryCacheRepository for Owin self-host
policyRepository: new PolicyCacheRepository(),
//replace with MemoryCacheRepository for Owin self-host
repository: new CacheRepository(),
logger: new TracingThrottleLogger(traceWriter)));
I'm defining three requests per minute like default and one request per minute to the client with key "client-key-1". But when I test using PostMan (I'm passing the Authorization token with the value client-key-1), I noticed that only the default configuration is being used, because only after three requests I got the message:
And, even if I update the rate limit, using the function:
public void UpdateRateLimits()
{
//init policy repo
var policyRepository = new PolicyCacheRepository();
//get policy object from cache
var policy = policyRepository.FirstOrDefault(ThrottleManager.GetPolicyKey());
//update client rate limits
policy.ClientRules["client-key-1"] =
new RateLimits { PerMinute = 20 };
//apply policy updates
ThrottleManager.UpdatePolicy(policy, policyRepository);
}
The message "API calls quota exceeded! maximum admitted 3 per Minute." continues showing up.
Did anyone have this problem?
After try a lot of things I could configure my class to consider my custom rate limits.
What I did was:
1) I created a class to override the method SetIdentity like in the site WebApiThrottle :
public class CustomThrottlingHandler : ThrottlingHandler
{
public CustomThrottlingHandler(ThrottlePolicy policy, IPolicyRepository policyRepository, IThrottleRepository repository, IThrottleLogger logger, IIpAddressParser ipAddressParser = null)
: base(policy, policyRepository, repository, logger, ipAddressParser)
{
}
protected override RequestIdentity SetIdentity(HttpRequestMessage request)
{
return new RequestIdentity
{
ClientKey = request.Headers.Contains("my-header") ? request.Headers.GetValues("my-header").First() : "anon",
ClientIp = base.GetClientIp(request).ToString(),
Endpoint = request.RequestUri.AbsolutePath.ToLowerInvariant()
};
}
}
2) I changed the MessageHandlers.Add to use my custom class (CustomThrottlingHandler) instead of the class ThrottlingHandler:
public static void Register(HttpConfiguration config)
{
//trace provider
var traceWriter = new SystemDiagnosticsTraceWriter()
{
IsVerbose = true
};
config.Services.Replace(typeof(ITraceWriter), traceWriter);
config.EnableSystemDiagnosticsTracing();
//Web API throttling handler
config.MessageHandlers.Add(new CustomThrottlingHandler(
policy: new ThrottlePolicy(perMinute: 20, perHour: 30, perDay: 35, perWeek: 3000)
{
//scope to IPs
IpThrottling = true,
//scope to clients
ClientThrottling = true,
ClientRules = new Dictionary<string, RateLimits>
{
{ "api-client-key-1", new RateLimits { PerMinute = 60, PerHour = 600 } },
{ "api-client-key-2", new RateLimits { PerDay = 5000 } }
},
//scope to endpoints
EndpointThrottling = true
},
//replace with PolicyMemoryCacheRepository for Owin self-host
policyRepository: new PolicyCacheRepository(),
//replace with MemoryCacheRepository for Owin self-host
repository: new CacheRepository(),
logger: new TracingThrottleLogger(traceWriter)));
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.