def test_limiter_maxrequests(self): api_key = 'key_a' maxreq = 5 expire = 1 for i in range(maxreq): self.assertFalse(rate_limit( self.redis_client, api_key, maxreq=maxreq, expire=expire, )) self.assertTrue(rate_limit( self.redis_client, api_key, maxreq=maxreq, expire=expire, ))
def limit_reached(self): return self.ratelimit and rate_limit( self.redis_client, self.get_ratelimit_key(), maxreq=self.ratelimit, expire=self.rate_limit_expire, fail_on_error=True, )
def test_limiter_expiry(self): api_key = 'key_b' maxreq = 100 expire = 1 self.assertFalse(rate_limit( self.redis_client, api_key, maxreq=maxreq, expire=expire, )) time.sleep(1) self.assertFalse(rate_limit( self.redis_client, api_key, maxreq=maxreq, expire=expire, ))
def check(self): api_key = None api_key_text = self.request.GET.get('key', None) if api_key_text is None: self.log_count('{view_name}.no_api_key') if self.error_on_invalidkey: return self.invalid_api_key() try: api_key = ApiKey.getkey(self.request.db_ro_session, api_key_text) except Exception: # pragma: no cover # if we cannot connect to backend DB, skip api key check self.raven_client.captureException() if api_key is not None: self.log_count('{view_name}.api_key.{api_key}', api_key=api_key.name) rate_key = 'apilimit:{key}:{time}'.format( key=api_key_text, time=util.utcnow().strftime('%Y%m%d') ) should_limit = rate_limit( self.redis_client, rate_key, maxreq=api_key.maxreq ) if should_limit: return self.forbidden() else: if api_key_text is not None: self.log_count('{view_name}.unknown_api_key') if self.error_on_invalidkey: return self.invalid_api_key() # If we failed to look up an ApiKey, create an empty one # rather than passing None through api_key = api_key or ApiKey(valid_key=None) return self.view(api_key)