Go语言限流与防爬:API安全防护
1. 限流概述
API限流防止恶意访问和爬虫,Go语言可以通过令牌桶算法实现高效的限流。
2. 限流实现
package rate import ( "sync" "time" ) type RateLimiter struct { rate float64 capacity int tokens float64 lastTime time.Time mu sync.Mutex } func NewRateLimiter(rate float64, capacity int) *RateLimiter { return &RateLimiter{ rate: rate, capacity: capacity, tokens: float64(capacity), lastTime: time.Now(), } } func (rl *RateLimiter) Allow() bool { rl.mu.Lock() defer rl.mu.Unlock() now := time.Now() elapsed := now.Sub(rl.lastTime).Seconds() rl.lastTime = now rl.tokens += elapsed * rl.rate if rl.tokens > float64(rl.capacity) { rl.tokens = float64(rl.capacity) } if rl.tokens >= 1 { rl.tokens-- return true } return false } func (rl *RateLimiter) AllowN(n int) bool { rl.mu.Lock() defer rl.mu.Unlock() if float64(n) <= rl.tokens { rl.tokens -= float64(n) return true } return false }3. 总结
限流是API安全的重要手段,令牌桶算法是实现限流的经典算法。
