You may use RateLimiter by attaching it as a behavior to a controller or module, as follows:
php
/**
 * Attaches the rate limiter filter to this controller or module.
 *
 * No `user` is configured, so the filter only throttles requests for which it can
 * resolve an identity implementing RateLimitInterface; any other request passes
 * through without being limited.
 *
 * @return array behavior configurations indexed by behavior name
 */
public function behaviors()
{
    $behaviors = [];
    $behaviors['rateLimiter'] = ['class' => \yii\filters\RateLimiter::className()];

    return $behaviors;
}
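When the user has exceeded their rate limit, RateLimiter will throw a [[TooManyRequestsHttpException]] exception.
Note that RateLimiter requires [[user]] to implement the RateLimitInterface. RateLimiter will
do nothing if [[user]] is not set or does not implement RateLimitInterface. In that case the request is let through unthrottled and no error is raised, so attaching the behavior alone does not limit guest or otherwise unauthenticated traffic.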
/**
 * @inheritdoc
 */
public function behaviors()
{
    // array_replace() keeps the parent's keys and positions, overriding only the two entries below.
    return array_replace(parent::behaviors(), [
        'rateLimiter' => [
            'class' => RateLimiter::className(),
            // The X-Rate-Limit-* response headers are switched off, so clients are not told their
            // remaining quota; the limit itself is still enforced.
            'enableRateLimitHeaders' => false,
        ],
        'contentNegotiator' => [
            'class' => ContentNegotiator::className(),
            'formats' => [
                'application/json' => Response::FORMAT_JSON,
            ],
        ],
    ]);
}
/**
 * Adds a rate limiter and a verb filter on top of the inherited behaviors.
 *
 * @return array behavior configurations indexed by behavior name
 */
public function behaviors()
{
    return array_replace(parent::behaviors(), [
        'rateLimiter' => [
            'class' => RateLimiter::className(),
            // Only `view` is throttled. The `countries` and `cities` actions named in the verb
            // filter below are outside this list and therefore not rate limited.
            'only' => ['view'],
        ],
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => [
                'view' => ['get'],
                'countries' => ['get'],
                'cities' => ['get'],
            ],
        ],
    ]);
}
/**
 * @inheritdoc
 */
public function behaviors()
{
    // Content negotiation is run by hand here, ahead of the regular filter chain, so that the
    // detected response format is already known when the authenticator is configured below.
    /** @var ContentNegotiator $contentNegotiator */
    $contentNegotiator = Yii::createObject([
        'class' => ContentNegotiator::className(),
        'formats' => [
            'text/html' => Response::FORMAT_HTML,
            'application/json' => Response::FORMAT_JSON,
            'application/xml' => Response::FORMAT_XML,
            'text/csv' => Response::FORMAT_CSV,
            'application/pdf' => Response::FORMAT_PDF,
            'application/vnd.ms-excel' => Response::FORMAT_XLS,
        ],
    ]);
    $contentNegotiator->negotiate();

    $inherited = parent::behaviors();

    // `||` binds tighter than `?:`, so the original one-line ternary tests the whole disjunction:
    // a user who is already logged in, or any HTML request, gets no header/token auth methods.
    // Those requests then depend entirely on the `access` rule below (authenticated users only).
    if (!Yii::$app->user->getIsGuest() || Yii::$app->response->format === Response::FORMAT_HTML) {
        $authMethods = [];
    } else {
        // QueryParamAuth carries the access token in the URL, where it can end up in server logs,
        // browser history and Referer headers; HTTP Basic sends credentials with every request.
        // Both need TLS on every hop.
        $authMethods = [
            \yii\filters\auth\HttpBasicAuth::className(),
            \yii\filters\auth\QueryParamAuth::className(),
        ];
    }

    return array_merge($inherited, [
        'contentNegotiator' => $contentNegotiator,
        'authenticator' => [
            'class' => \yii\filters\auth\CompositeAuth::className(),
            'authMethods' => $authMethods,
        ],
        'rateLimiter' => [
            'class' => \yii\filters\RateLimiter::className(),
            // NOTE(review): the identity is read while the behaviors are being built, i.e. before
            // the authenticator above has run. For a token-authenticated request it may still be
            // null at this point; confirm the limiter then picks up the identity at filter time.
            'user' => Yii::$app->user->getIdentity(),
        ],
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [
                [
                    'allow' => true,
                    'roles' => ['@'],
                ],
            ],
        ],
        'menu' => [
            'class' => ActiveNavigation::className(),
        ],
    ]);
}
/**
 * Rewires the inherited authenticator and rate limiter to the admin user auth class.
 *
 * When getUserAuthClass() returns a falsy value, both filters are removed, so the
 * controller is then served without authentication and without rate limiting.
 *
 * @return array behavior configurations indexed by behavior name
 */
public function behaviors()
{
    // Start from the parent's behaviors and overwrite selected entries.
    $behaviors = parent::behaviors();

    if ($this->getUserAuthClass()) {
        // Authenticate against the admin user auth class. QueryParamAuth accepts the token from
        // the URL, which exposes it to access logs and Referer headers; the bearer header does not.
        $behaviors['authenticator'] = [
            'class' => \yii\filters\auth\CompositeAuth::className(),
            'user' => $this->getUserAuthClass(),
            'authMethods' => [
                \yii\filters\auth\QueryParamAuth::className(),
                \yii\filters\auth\HttpBearerAuth::className(),
            ],
        ];

        // Rate limit against the same object.
        // NOTE(review): the limiter only acts on a `user` that implements RateLimitInterface and
        // otherwise does nothing; confirm that what getUserAuthClass() returns satisfies that.
        $behaviors['rateLimiter'] = [
            'class' => \yii\filters\RateLimiter::className(),
            'user' => $this->getUserAuthClass(),
        ];
    } else {
        unset($behaviors['authenticator'], $behaviors['rateLimiter']);
    }

    $behaviors['contentNegotiator'] = [
        'class' => \yii\filters\ContentNegotiator::className(),
        'formats' => [
            'application/json' => \yii\web\Response::FORMAT_JSON,
            'application/xml' => \yii\web\Response::FORMAT_XML,
        ],
    ];

    return $behaviors;
}
/**
 * @inheritdoc
 *
 * Picks the subject to throttle before the action runs: the configured `user`, then
 * (only when `separateRates` is set) the application's current identity, and finally a
 * record looked up by the client IP address together with `rateLimit` and `timePeriod`.
 */
public function beforeAction($action)
{
    $user = $this->user;
    if ($this->separateRates) {
        // getIdentity(false) reads the identity without triggering an automatic login renewal.
        $user = $user ?: (Yii::$app->getUser() ? Yii::$app->getUser()->getIdentity(false) : null);
    }
    // Fall back to an IP-keyed subject when no user was resolved above.
    // NOTE(review): userIP is only as trustworthy as the request component's proxy settings.
    // Behind a reverse proxy or load balancer a misconfiguration either puts every client in
    // one bucket or lets a client choose its own bucket via a forwarded header; confirm.
    $user = $user ?: User::findByIp(Yii::$app->request->userIP, $this->rateLimit, $this->timePeriod);
    if ($user instanceof RateLimitInterface) {
        // NOTE(review): the parent receives only $action, not the $user resolved here, so an
        // IP-based subject found above is not what the parent will check; confirm against parent.
        return parent::beforeAction($action);
    } else {
        // NOTE(review): this branch is reached only when $user does NOT implement
        // RateLimitInterface (it may even be null if findByIp() can return nothing, which is
        // not visible here), yet it is the branch that calls checkRateLimit(). The two branches
        // look swapped; verify before relying on this filter for throttling.
        Yii::trace('Check rate limit', __METHOD__);
        $this->checkRateLimit($user, $this->request ?: Yii::$app->getRequest(), $this->response ?: Yii::$app->getResponse(), $action);
        return true;
    }
    // Unreachable: both branches above return.
    return parent::beforeAction($action);
}
/**
 * @inheritdoc
 */
public function behaviors()
{
    $contentNegotiator = [
        'class' => ContentNegotiator::className(),
        'formats' => [
            'application/json' => Response::FORMAT_JSON,
            'application/xml' => Response::FORMAT_XML,
        ],
    ];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => $this->verbs(),
    ];

    // NOTE(review): no `authMethods` are listed. A CompositeAuth with an empty method list lets
    // every request through unauthenticated, so unless a subclass fills the list in, no identity
    // is established here and the rate limiter below has nothing to throttle for such requests.
    $authenticator = ['class' => CompositeAuth::className()];

    $rateLimiter = ['class' => RateLimiter::className()];

    return [
        'contentNegotiator' => $contentNegotiator,
        'verbFilter' => $verbFilter,
        'authenticator' => $authenticator,
        'rateLimiter' => $rateLimiter,
    ];
}
/**
 * @inheritdoc
 */
public function behaviors()
{
    $contentNegotiator = [
        'class' => ContentNegotiator::className(),
        'formats' => [
            'application/json' => Response::FORMAT_JSON,
        ],
    ];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => $this->verbs(),
    ];

    // `index`, `view` and `options` skip authentication. Requests to them that carry no identity
    // are also not throttled, because the rate limiter below only acts on a resolved identity.
    // QueryParamAuth takes the token from the URL, where it can leak into logs and Referer headers.
    $authenticator = [
        'class' => CompositeAuth::className(),
        'except' => ['index', 'view', 'options'],
        'authMethods' => [
            HttpBasicAuth::className(),
            HttpBearerAuth::className(),
            QueryParamAuth::className(),
        ],
    ];

    // Write actions are restricted to authenticated users ('@').
    $access = [
        'class' => AccessControl::className(),
        'only' => ['create', 'update', 'delete'],
        'rules' => [
            [
                'actions' => ['create', 'update', 'delete'],
                'allow' => true,
                'roles' => ['@'],
            ],
        ],
    ];

    $rateLimiter = ['class' => RateLimiter::className()];

    return [
        'contentNegotiator' => $contentNegotiator,
        'verbFilter' => $verbFilter,
        'authenticator' => $authenticator,
        'access' => $access,
        'rateLimiter' => $rateLimiter,
    ];
}
/**
 * @inheritdoc
 */
public function behaviors()
{
    $contentNegotiator = [
        'class' => ContentNegotiator::className(),
        'formats' => [
            'application/json' => Response::FORMAT_JSON,
        ],
    ];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => $this->verbs(),
    ];

    // Every action is authenticated, so the rate limiter listed after it runs with an identity.
    // QueryParamAuth takes the token from the URL, where it can leak into logs and Referer headers.
    $authenticator = [
        'class' => CompositeAuth::className(),
        'authMethods' => [
            HttpBasicAuth::className(),
            HttpBearerAuth::className(),
            QueryParamAuth::className(),
        ],
    ];

    $rateLimiter = ['class' => RateLimiter::className()];

    return [
        'contentNegotiator' => $contentNegotiator,
        'verbFilter' => $verbFilter,
        'authenticator' => $authenticator,
        'rateLimiter' => $rateLimiter,
    ];
}
/**
 * Restricts the HTTP verbs of `submit-ec` and attaches the rate limiter.
 *
 * @return array behavior configurations indexed by behavior name
 */
public function behaviors()
{
    // NOTE(review): if `submit-ec` changes state, also accepting GET lets the request bypass the
    // CSRF token check, which is applied to unsafe verbs only; confirm GET is really needed.
    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => [
            'submit-ec' => ['post', 'get'],
        ],
    ];

    // No authenticator is configured in this method, so throttling applies only when the
    // application already has an identity that implements RateLimitInterface; guests pass through.
    $rateLimiter = ['class' => RateLimiter::className()];

    return [
        'verbFilter' => $verbFilter,
        'rateLimiter' => $rateLimiter,
    ];
}
/**
 * @inheritdoc
 */
public function behaviors()
{
    $contentNegotiator = [
        'class' => ContentNegotiator::className(),
        'formatParam' => 'format',
        'formats' => [
            'application/json' => Response::FORMAT_JSON,
            'application/xml' => Response::FORMAT_XML,
        ],
    ];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => $this->verbs(),
    ];

    // Two project-local auth filters share the REALM constant. HTTP Basic transmits the password
    // itself on every request, so it is only acceptable over TLS.
    $authenticator = [
        'class' => CompositeAuth::className(),
        'authMethods' => [
            ['class' => 'common\\filters\\auth\\HttpBasicAuth', 'realm' => REALM],
            ['class' => 'common\\filters\\auth\\HttpDigestAuth', 'realm' => REALM],
        ],
    ];

    $rateLimiter = ['class' => RateLimiter::className()];

    return [
        'contentNegotiator' => $contentNegotiator,
        'verbFilter' => $verbFilter,
        'authenticator' => $authenticator,
        'rateLimiter' => $rateLimiter,
    ];
}
/**
 * Merges format and rate limiter overrides into the inherited behaviors.
 *
 * @return array behavior configurations indexed by behavior name
 */
public function behaviors()
{
    $inherited = parent::behaviors();

    $overrides = [
        'contentNegotiator' => [
            // Requests that ask for text/html are answered in the JSON response format.
            'formats' => [
                'text/html' => Response::FORMAT_JSON,
            ],
        ],
        'rateLimiter' => [
            'class' => RateLimiter::className(),
            // The X-Rate-Limit-* response headers are switched off; the limit is still enforced.
            'enableRateLimitHeaders' => false,
        ],
    ];

    // ArrayHelper::merge() merges nested arrays recursively, so the parent's other
    // contentNegotiator settings are kept alongside the added format.
    return ArrayHelper::merge($inherited, $overrides);
}
/**
 * Configures content negotiation and a rate limiter that reports its state in response headers.
 *
 * @return array behavior configurations indexed by behavior name
 */
public function behaviors()
{
    $contentNegotiator = [
        'class' => ContentNegotiator::className(),
        // The response format can also be selected through the `_format` request parameter.
        'formatParam' => '_format',
        'formats' => [
            'application/xml' => Response::FORMAT_XML,
            'application/json' => Response::FORMAT_JSON,
        ],
    ];

    // No authenticator is configured in this method, so throttling applies only when the
    // application already has an identity that implements RateLimitInterface.
    $rateLimiter = [
        'class' => RateLimiter::className(),
        'enableRateLimitHeaders' => true,
    ];

    return [
        'contentNegotiator' => $contentNegotiator,
        'rateLimiter' => $rateLimiter,
    ];
}