讨论数量:
- 在
RouteServiceProvider
中定义限流器:RateLimiter::for('api', function (Request $request) { return $request->user() ? Limit::perMinute(60) : Limit::perMinute(30)->by($request->ip()); });
- 在前缀为
api
的路由组中使用throttle
中间件(api 路由组默认):Route::prefix('api')->middleware(['throttle:api'])->group(function () { // });
IP限流不能满足业务需求,我们业务改成了针对API URI来限流,修改ThrottleRequests
if ($user = $request->user()) {
if($route = $request->route()){
return sha1($route->uri().'-'.$user->getAuthIdentifier());
}
return sha1($user->getAuthIdentifier());
} else {
if($route = $request->route()){
return sha1($route->uri().'-'.$request->ip());
}
return sha1($request->ip());
}
推荐文章: