def test_limiter_maxrequests(self):
api_key = 'key_a'
maxreq = 5
expire = 1
for i in range(maxreq):
self.assertFalse(rate_limit(
self.redis_client,
api_key,
maxreq=maxreq,
expire=expire,
))
self.assertTrue(rate_limit(
self.redis_client,
api_key,
maxreq=maxreq,
expire=expire,
))
def limit_reached(self):
return self.ratelimit and rate_limit(
self.redis_client,
self.get_ratelimit_key(),
maxreq=self.ratelimit,
expire=self.rate_limit_expire,
fail_on_error=True,
)
def test_limiter_expiry(self):
api_key = 'key_b'
maxreq = 100
expire = 1
self.assertFalse(rate_limit(
self.redis_client,
api_key,
maxreq=maxreq,
expire=expire,
))
time.sleep(1)
self.assertFalse(rate_limit(
self.redis_client,
api_key,
maxreq=maxreq,
expire=expire,
))
def check(self):
api_key = None
api_key_text = self.request.GET.get('key', None)
if api_key_text is None:
self.log_count('{view_name}.no_api_key')
if self.error_on_invalidkey:
return self.invalid_api_key()
try:
api_key = ApiKey.getkey(self.request.db_ro_session,
api_key_text)
except Exception: # pragma: no cover
# if we cannot connect to backend DB, skip api key check
self.raven_client.captureException()
if api_key is not None:
self.log_count('{view_name}.api_key.{api_key}',
api_key=api_key.name)
rate_key = 'apilimit:{key}:{time}'.format(
key=api_key_text,
time=util.utcnow().strftime('%Y%m%d')
)
should_limit = rate_limit(
self.redis_client,
rate_key,
maxreq=api_key.maxreq
)
if should_limit:
return self.forbidden()
else:
if api_key_text is not None:
self.log_count('{view_name}.unknown_api_key')
if self.error_on_invalidkey:
return self.invalid_api_key()
# If we failed to look up an ApiKey, create an empty one
# rather than passing None through
api_key = api_key or ApiKey(valid_key=None)
return self.view(api_key)
