Skip to main content

Signed Cookie based limiting RPS module for Django

Project description

https://img.shields.io/pypi/v/django_limiter.svg

Django Limiter is a Signed Cookie based RPS (Requests per second) limiter.

How it works?

If a user (or a parser) visits your site first time, he redirected to the special page and receives an signed cookie with current timestamp. On this page he will be redirected by JavaScript to the URL he requested before.

If a user visits your site with Limiter’s cookie, Limiter checks the cookie and if the last request had little time, Limiter throws HTTP Response with 429 status code (Too Many Requests)

Otherwise nothing will happen.

Client can’t properly change Limiter’s cookie and abuse (read more about signing here: https://docs.djangoproject.com/en/dev/topics/signing/)

Installation

Install from PyPI:

$ pip install django_limiter

Append 'django_limiter' to your INSTALLED_APPS:

INSTALLED_APPS = [
    # your apps
    'django_limiter',
]

Insert 'django_limiter.middleware.RateLimiter' BEFORE any other middleware into MIDDLEWARE setting (or MIDDLEWARE_CLASSES):

MIDDLEWARE = [
    'django_limiter.middleware.RateLimiter',
    # Another middlewares
]

Add url(r'^limiter/', include(django_limiter.urls)) to your url config:

import django_limiter

urlpatterns = [
    url(r'^admin/', admin.site.urls),
    # Another url patterns
    url(r'^limiter/', include(django_limiter.urls)),
]

Configuration

Here is several settings you can set:

LIMITER_COOKIE_NAME — The name of the cookie. Default: ‘limiter’

LIMITER_INTERVAL — The time (in seconds, can be float) client must wait before he can send next request. Default: 0.333

LIMITER_TEMPLATE_NAME — The name of the template for page to which the client gets temporarily. This page should redirect client to requested page after LIMITER_INTERVAL seconds pass. Template receives 'timeout', 'path' and 'request' context.

LIMITER_EXCEPT — List of URLs Limiter must except. You shouldn’t add root ('/') into this list. Default: []

LIMITER_EXCEPT = ['/my/custom/path', reverse_lazy('or-lazy-reverse')]

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
django_limiter-1.0.2.tar.gz (3.1 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page