Class yii\filters\RateLimiter
Inheritance | yii\filters\RateLimiter » yii\base\ActionFilter » yii\base\Behavior » yii\base\BaseObject |
---|---|
Implements | yii\base\Configurable |
Available since version | 2.0 |
Source Code | https://github.com/yiisoft/yii2/blob/master/framework/filters/RateLimiter.php |
RateLimiter implements a rate limiting algorithm based on the leaky bucket algorithm.
You may use RateLimiter by attaching it as a behavior to a controller or module, like the following,
public function behaviors()
{
return [
'rateLimiter' => [
'class' => \yii\filters\RateLimiter::className(),
],
];
}
When the user has exceeded his rate limit, RateLimiter will throw a yii\web\TooManyRequestsHttpException exception.
Note that RateLimiter requires $user to implement the yii\filters\RateLimitInterface. RateLimiter will do nothing if $user is not set or does not implement yii\filters\RateLimitInterface.
Public Properties
Property | Type | Description | Defined By |
---|---|---|---|
$enableRateLimitHeaders | boolean | Whether to include rate limit headers in the response | yii\filters\RateLimiter |
$errorMessage | string | The message to be displayed when rate limit exceeds | yii\filters\RateLimiter |
$except | array | List of action IDs that this filter should not apply to. | yii\base\ActionFilter |
$only | array | List of action IDs that this filter should apply to. | yii\base\ActionFilter |
$owner | yii\base\Component|null | The owner of this behavior | yii\base\Behavior |
$request | yii\web\Request | The current request. | yii\filters\RateLimiter |
$response | yii\web\Response | The response to be sent. | yii\filters\RateLimiter |
$user | yii\filters\RateLimitInterface|Closure | The user object that implements the RateLimitInterface. | yii\filters\RateLimiter |
Public Methods
Method | Description | Defined By |
---|---|---|
__call() | Calls the named method which is not a class method. | yii\base\BaseObject |
__construct() | Constructor. | yii\base\BaseObject |
__get() | Returns the value of an object property. | yii\base\BaseObject |
__isset() | Checks if a property is set, i.e. defined and not null. | yii\base\BaseObject |
__set() | Sets value of an object property. | yii\base\BaseObject |
__unset() | Sets an object property to null. | yii\base\BaseObject |
addRateLimitHeaders() | Adds the rate limit headers to the response. | yii\filters\RateLimiter |
afterAction() | This method is invoked right after an action is executed. | yii\base\ActionFilter |
afterFilter() | yii\base\ActionFilter | |
attach() | Attaches the behavior object to the component. | yii\base\Behavior |
beforeAction() | This method is invoked right before an action is to be executed (after all possible filters.) You may override this method to do last-minute preparation for the action. | yii\filters\RateLimiter |
beforeFilter() | yii\base\ActionFilter | |
canGetProperty() | Returns a value indicating whether a property can be read. | yii\base\BaseObject |
canSetProperty() | Returns a value indicating whether a property can be set. | yii\base\BaseObject |
checkRateLimit() | Checks whether the rate limit exceeds. | yii\filters\RateLimiter |
className() | Returns the fully qualified name of this class. | yii\base\BaseObject |
detach() | Detaches the behavior object from the component. | yii\base\Behavior |
events() | Declares event handlers for the $owner's events. | yii\base\Behavior |
hasMethod() | Returns a value indicating whether a method is defined. | yii\base\BaseObject |
hasProperty() | Returns a value indicating whether a property is defined. | yii\base\BaseObject |
init() | Initializes the object. | yii\filters\RateLimiter |
Protected Methods
Method | Description | Defined By |
---|---|---|
getActionId() | Returns an action ID by converting yii\base\Action::$uniqueId into an ID relative to the module. | yii\base\ActionFilter |
isActive() | Returns a value indicating whether the filter is active for the given action. | yii\base\ActionFilter |
Property Details
Whether to include rate limit headers in the response
The message to be displayed when rate limit exceeds
The current request. If not set, the request
application component will be used.
The response to be sent. If not set, the response
application component will be used.
The user object that implements the RateLimitInterface. If not set, it will take the value of Yii::$app->user->getIdentity(false)
.
{@since 2.0.38} It's possible to provide a closure function in order to assign the user identity on runtime. Using a closure to assign the user identity is recommend
when you are not using the standard Yii::$app->user
component. See the example below:
`
php
'user' => function() {
return Yii::$app->apiUser->identity;
}
`
Method Details
Adds the rate limit headers to the response.
public void addRateLimitHeaders ( $response, $limit, $remaining, $reset ) | ||
$response | yii\web\Response | |
$limit | integer | The maximum number of allowed requests during a period |
$remaining | integer | The remaining number of allowed requests within the current period |
$reset | integer | The number of seconds to wait before having maximum number of allowed requests again |
This method is invoked right before an action is to be executed (after all possible filters.) You may override this method to do last-minute preparation for the action.
public boolean beforeAction ( $action ) | ||
$action | yii\base\Action | The action to be executed. |
return | boolean | Whether the action should continue to be executed. |
---|
Checks whether the rate limit exceeds.
public void checkRateLimit ( $user, $request, $response, $action ) | ||
$user | yii\filters\RateLimitInterface | The current user |
$request | yii\web\Request | |
$response | yii\web\Response | |
$action | yii\base\Action | The action to be executed |
throws | yii\web\TooManyRequestsHttpException | if rate limit exceeds |
---|
Initializes the object.
This method is invoked at the end of the constructor after the object is initialized with the given configuration.
public void init ( ) |