feat: 验证码加限流
This commit is contained in:
@@ -15,7 +15,12 @@ Route::group('v1', function () {
|
|||||||
// 用户模块
|
// 用户模块
|
||||||
Route::group('user', function () {
|
Route::group('user', function () {
|
||||||
// 获取验证码
|
// 获取验证码
|
||||||
Route::get('captcha', 'Captcha/index');
|
Route::get('captcha', 'Captcha/index')->middleware(\think\middleware\Throttle::class, [
|
||||||
|
'visit_rate' => '5/m',
|
||||||
|
'visit_fail_response' => function (\think\middleware\Throttle $throttle, \think\Request $request, int $wait_seconds) {
|
||||||
|
return \think\Response::create('您的操作过于频繁, 请在 ' . $wait_seconds . ' 秒后再试。')->code(429);
|
||||||
|
},
|
||||||
|
]);
|
||||||
|
|
||||||
// 登录接口
|
// 登录接口
|
||||||
Route::post('login', 'Login/index');
|
Route::post('login', 'Login/index');
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
"topthink/think-view": "^2.0",
|
"topthink/think-view": "^2.0",
|
||||||
"topthink/think-captcha": "^3.0",
|
"topthink/think-captcha": "^3.0",
|
||||||
"thans/tp-jwt-auth": "^2.2",
|
"thans/tp-jwt-auth": "^2.2",
|
||||||
"topthink/think-throttle": "*"
|
"topthink/think-throttle": "^2.0"
|
||||||
},
|
},
|
||||||
"require-dev": {
|
"require-dev": {
|
||||||
"symfony/var-dumper": ">=4.2",
|
"symfony/var-dumper": ">=4.2",
|
||||||
|
|||||||
33
config/throttle.php
Normal file
33
config/throttle.php
Normal file
@@ -0,0 +1,33 @@
|
|||||||
|
<?php
|
||||||
|
// +----------------------------------------------------------------------
|
||||||
|
// | 节流设置
|
||||||
|
// +----------------------------------------------------------------------
|
||||||
|
use think\middleware\Throttle;
|
||||||
|
use think\middleware\throttle\CounterFixed;
|
||||||
|
use think\Request;
|
||||||
|
use think\Response;
|
||||||
|
|
||||||
|
return [
|
||||||
|
// 缓存键前缀,防止键值与其他应用冲突
|
||||||
|
'prefix' => 'throttle_',
|
||||||
|
// 缓存的键,true 表示使用来源ip
|
||||||
|
'key' => true,
|
||||||
|
// 要被限制的请求类型, eg: GET POST PUT DELETE HEAD 等
|
||||||
|
'visit_method' => ['GET', 'HEAD'],
|
||||||
|
// 设置访问频率,例如 '10/m' 指的是允许每分钟请求10次;'10/60'指允许每60秒请求10次。值 null 表示不限制, eg: null 10/m 20/h 300/d 200/300
|
||||||
|
'visit_rate' => '100/m',
|
||||||
|
/*
|
||||||
|
* 设置节流算法,组件提供了四种算法:
|
||||||
|
* - CounterFixed :计数固定窗口
|
||||||
|
* - CounterSlider: 滑动窗口
|
||||||
|
* - TokenBucket : 令牌桶算法
|
||||||
|
* - LeakyBucket : 漏桶限流算法
|
||||||
|
*/
|
||||||
|
'driver_name' => CounterFixed::class,
|
||||||
|
// 响应体中设置速率限制的头部信息
|
||||||
|
'visit_enable_show_rate_limit' => true,
|
||||||
|
// 访问受限时返回的响应
|
||||||
|
'visit_fail_response' => function (Throttle $throttle, Request $request, int $wait_seconds) {
|
||||||
|
return Response::create('Too many requests, try again after ' . $wait_seconds . ' seconds.')->code(429);
|
||||||
|
},
|
||||||
|
];
|
||||||
Reference in New Issue
Block a user