You may use RateLimiter by attaching it as a behavior to a controller or module, like the following:

```php
public function behaviors()
{
    return [
        'rateLimiter' => [
            'class' => \yii\filters\RateLimiter::className(),
        ],
    ];
}
```

When the user has exceeded his rate limit, RateLimiter will throw a [[TooManyRequestsHttpException]] exception. Note that RateLimiter requires [[user]] to implement the RateLimitInterface. RateLimiter will do nothing if [[user]] is not set or does not implement RateLimitInterface.
Since: 2.0
Author: Qiang Xue (qiang.xue@gmail.com)
Inheritance: extends yii\base\ActionFilter
Example #1
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Begin with whatever the parent class declares, then set two entries by name.
     $config = parent::behaviors();

     // The limiter is attached with its rate-limit response headers switched off.
     // It only throttles when a user implementing RateLimitInterface is available.
     $config['rateLimiter'] = [
         'class' => RateLimiter::className(),
         'enableRateLimitHeaders' => false,
     ];

     // JSON is the only response format offered for negotiation.
     $config['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
         ],
     ];

     return $config;
 }
 /**
  * Adds a rate limiter and an HTTP verb filter to the inherited behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // 'only' restricts the limiter to the "view" action; "countries" and
     // "cities" are not throttled by this entry.
     $config['rateLimiter'] = [
         'class' => RateLimiter::className(),
         'only' => ['view'],
     ];

     // Each listed action is restricted to GET.
     $config['verbs'] = [
         'class' => VerbFilter::className(),
         'actions' => [
             'view' => ['get'],
             'countries' => ['get'],
             'cities' => ['get'],
         ],
     ];

     return $config;
 }
Example #3
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // The content negotiator is created and run up front, before the behavior
     // list is built, so the negotiated response format is already known when
     // the authenticator entry below is configured.
     /** @var ContentNegotiator $contentNegotiator */
     $contentNegotiator = Yii::createObject([
         'class' => ContentNegotiator::className(),
         'formats' => [
             'text/html' => Response::FORMAT_HTML,
             'application/json' => Response::FORMAT_JSON,
             'application/xml' => Response::FORMAT_XML,
             'text/csv' => Response::FORMAT_CSV,
             'application/pdf' => Response::FORMAT_PDF,
             'application/vnd.ms-excel' => Response::FORMAT_XLS,
         ],
     ]);
     $contentNegotiator->negotiate();

     $inherited = parent::behaviors();

     // No auth methods are configured when a user is already logged in or the
     // response format is HTML; otherwise HTTP Basic and query-parameter
     // authentication are offered.
     // NOTE(review): QueryParamAuth carries the credential in the URL, where it
     // can end up in server or proxy logs - confirm that is acceptable here.
     if (!Yii::$app->user->getIsGuest() || Yii::$app->response->format === Response::FORMAT_HTML) {
         $authMethods = [];
     } else {
         $authMethods = [
             \yii\filters\auth\HttpBasicAuth::className(),
             \yii\filters\auth\QueryParamAuth::className(),
         ];
     }

     return array_merge($inherited, [
         'contentNegotiator' => $contentNegotiator,
         'authenticator' => [
             'class' => \yii\filters\auth\CompositeAuth::className(),
             'authMethods' => $authMethods,
         ],
         // NOTE(review): the identity is read while this list is being built.
         // If the authenticator above is what logs the client in, the value may
         // still be null at this point - confirm the limiter ends up throttling
         // the authenticated identity.
         'rateLimiter' => [
             'class' => \yii\filters\RateLimiter::className(),
             'user' => Yii::$app->user->getIdentity(),
         ],
         // Only authenticated users ('@') are allowed.
         'access' => [
             'class' => AccessControl::className(),
             'rules' => [
                 [
                     'allow' => true,
                     'roles' => ['@'],
                 ],
             ],
         ],
         'menu' => [
             'class' => ActiveNavigation::className(),
         ],
     ]);
 }
Example #4
 /**
  * Adjusts the inherited behaviors depending on whether getUserAuthClass()
  * returns a value, and sets the content negotiator to JSON and XML.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     // Inherited behaviors are the starting point; entries are replaced or dropped below.
     $config = parent::behaviors();

     if ($this->getUserAuthClass()) {
         // Authenticate against the value returned by getUserAuthClass(), using a
         // query-parameter token or an HTTP bearer token.
         $config['authenticator'] = [
             'class' => \yii\filters\auth\CompositeAuth::className(),
             'user' => $this->getUserAuthClass(),
             'authMethods' => [
                 \yii\filters\auth\QueryParamAuth::className(),
                 \yii\filters\auth\HttpBearerAuth::className(),
             ],
         ];
         // NOTE(review): RateLimiter only throttles when its 'user' implements
         // RateLimitInterface. The same value is passed here as to the
         // authenticator's 'user' - confirm it implements that interface,
         // otherwise the limiter silently does nothing.
         $config['rateLimiter'] = [
             'class' => \yii\filters\RateLimiter::className(),
             'user' => $this->getUserAuthClass(),
         ];
     } else {
         // Without a user auth class both filters are removed, so the
         // controller's actions are neither authenticated nor rate limited by
         // these behaviors.
         unset($config['authenticator'], $config['rateLimiter']);
     }

     $config['contentNegotiator'] = [
         'class' => \yii\filters\ContentNegotiator::className(),
         'formats' => [
             'application/json' => \yii\web\Response::FORMAT_JSON,
             'application/xml' => \yii\web\Response::FORMAT_XML,
         ],
     ];

     return $config;
 }
 /**
  * @inheritdoc
  */
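 public function beforeAction($action)
 {
     // Pick the subject to throttle: the explicitly configured user first, then
     // (only when separateRates is enabled) the current identity, and finally a
     // record looked up by the client IP address.
     $user = $this->user;
     if ($this->separateRates) {
         $user = $user ?: (Yii::$app->getUser() ? Yii::$app->getUser()->getIdentity(false) : null);
     }
     // NOTE(review): userIP is the key for anonymous throttling. Behind a reverse
     // proxy, confirm the request component's trusted-proxy settings so clients
     // neither share one bucket nor get to choose the address they are counted under.
     $user = $user ?: User::findByIp(Yii::$app->request->userIP, $this->rateLimit, $this->timePeriod);

     // Users implementing RateLimitInterface are handed to the parent filter.
     if ($user instanceof RateLimitInterface) {
         return parent::beforeAction($action);
     }

     // NOTE(review): this path is reached only when $user does NOT implement
     // RateLimitInterface. Confirm that the object returned by User::findByIp()
     // provides what checkRateLimit() calls on it and can never be null here;
     // otherwise the check fails instead of throttling.
     Yii::trace('Check rate limit', __METHOD__);
     $this->checkRateLimit(
         $user,
         $this->request ?: Yii::$app->getRequest(),
         $this->response ?: Yii::$app->getResponse(),
         $action
     );

     // The original trailing "return parent::beforeAction($action);" could never
     // run because both branches above return; it has been dropped.
     return true;
 }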
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $config = [];

     // JSON and XML are the response formats offered for negotiation.
     $config['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
             'application/xml' => Response::FORMAT_XML,
         ],
     ];

     // Allowed HTTP verbs per action come from verbs().
     $config['verbFilter'] = [
         'class' => VerbFilter::className(),
         'actions' => $this->verbs(),
     ];

     // NOTE(review): no authMethods are listed here. Confirm that subclasses
     // configure them; without an authenticated identity implementing
     // RateLimitInterface the rate limiter below does nothing.
     $config['authenticator'] = [
         'class' => CompositeAuth::className(),
     ];

     $config['rateLimiter'] = [
         'class' => RateLimiter::className(),
     ];

     return $config;
 }
Example #7
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $config = [];

     // Responses are negotiated as JSON only.
     $config['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
         ],
     ];

     // Allowed HTTP verbs per action come from verbs().
     $config['verbFilter'] = [
         'class' => VerbFilter::className(),
         'actions' => $this->verbs(),
     ];

     // index, view and options are excluded from authentication.
     // NOTE(review): RateLimiter does nothing when no user implementing
     // RateLimitInterface is available, so these public actions are presumably
     // not throttled by the limiter below - confirm whether they need their own limit.
     $config['authenticator'] = [
         'class' => CompositeAuth::className(),
         'except' => ['index', 'view', 'options'],
         'authMethods' => [
             HttpBasicAuth::className(),
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
     ];

     // Write actions are limited to authenticated users ('@').
     $config['access'] = [
         'class' => AccessControl::className(),
         'only' => ['create', 'update', 'delete'],
         'rules' => [
             [
                 'actions' => ['create', 'update', 'delete'],
                 'allow' => true,
                 'roles' => ['@'],
             ],
         ],
     ];

     $config['rateLimiter'] = [
         'class' => RateLimiter::className(),
     ];

     return $config;
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $config = [];

     // Responses are negotiated as JSON only.
     $config['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
         ],
     ];

     // Allowed HTTP verbs per action come from verbs().
     $config['verbFilter'] = [
         'class' => VerbFilter::className(),
         'actions' => $this->verbs(),
     ];

     // Every action is authenticated; the three methods are listed in this order.
     // NOTE(review): QueryParamAuth carries the credential in the URL, where it
     // can end up in server or proxy logs - confirm that is acceptable here.
     $config['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBasicAuth::className(),
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
     ];

     // Declared after the authenticator entry; it only throttles a user that
     // implements RateLimitInterface.
     $config['rateLimiter'] = [
         'class' => RateLimiter::className(),
     ];

     return $config;
 }
Example #9
 /**
  * Declares a verb filter for "submit-ec" and a rate limiter.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = [];

     // "submit-ec" accepts both POST and GET.
     // NOTE(review): if submit-ec changes state, confirm that accepting GET is intended.
     $config['verbFilter'] = [
         'class' => VerbFilter::className(),
         'actions' => [
             'submit-ec' => ['post', 'get'],
         ],
     ];

     // NOTE(review): no authenticator is declared in this list. RateLimiter does
     // nothing unless a user implementing RateLimitInterface is available, so
     // confirm where that identity comes from for this controller.
     $config['rateLimiter'] = [
         'class' => RateLimiter::className(),
     ];

     return $config;
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $config = [];

     // JSON and XML are offered; 'formatParam' names the "format" parameter.
     $config['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formatParam' => 'format',
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
             'application/xml' => Response::FORMAT_XML,
         ],
     ];

     // Allowed HTTP verbs per action come from verbs().
     $config['verbFilter'] = [
         'class' => VerbFilter::className(),
         'actions' => $this->verbs(),
     ];

     // Two project-specific auth filters (Basic and Digest) share the REALM constant.
     $config['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             [
                 'class' => 'common\\filters\\auth\\HttpBasicAuth',
                 'realm' => REALM,
             ],
             [
                 'class' => 'common\\filters\\auth\\HttpDigestAuth',
                 'realm' => REALM,
             ],
         ],
     ];

     // Declared after the authenticator entry; it only throttles a user that
     // implements RateLimitInterface.
     $config['rateLimiter'] = [
         'class' => RateLimiter::className(),
     ];

     return $config;
 }
Example #11
 /**
  * Merges two overrides into the inherited behaviors via ArrayHelper::merge().
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $overrides = [
         // Requests asking for text/html are answered in the JSON format.
         'contentNegotiator' => [
             'formats' => [
                 'text/html' => Response::FORMAT_JSON,
             ],
         ],
         // The limiter is attached with its rate-limit response headers switched off.
         'rateLimiter' => [
             'class' => RateLimiter::className(),
             'enableRateLimitHeaders' => false,
         ],
     ];

     return ArrayHelper::merge(parent::behaviors(), $overrides);
 }
 /**
  * Declares a content negotiator (XML and JSON) and a rate limiter.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = [];

     // XML and JSON are offered; 'formatParam' names the "_format" parameter.
     $config['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formatParam' => '_format',
         'formats' => [
             'application/xml' => Response::FORMAT_XML,
             'application/json' => Response::FORMAT_JSON,
         ],
     ];

     // Rate-limit response headers are explicitly enabled. No authenticator is
     // declared in this list, and the limiter does nothing unless a user
     // implementing RateLimitInterface is available.
     $config['rateLimiter'] = [
         'class' => RateLimiter::className(),
         'enableRateLimitHeaders' => true,
     ];

     return $config;
 }