From 19c738b974e14b62929dc69c2c6ac1e8540aad98 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=8D=E5=81=9A=E7=A0=81=E5=86=9C?= <599854767@qq.com>
Date: Mon, 4 Apr 2022 18:53:02 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E5=8A=A0IPRateLimit=E9=99=90?=
 =?UTF-8?q?=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ZR.Admin.WebApi/Extensions/IPRateExtension.cs | 27 ++++++++
 ZR.Admin.WebApi/Startup.cs                    |  5 ++
 ZR.Admin.WebApi/ZR.Admin.WebApi.csproj        |  1 +
 ZR.Admin.WebApi/appsettings.json              | 69 +++++++++++++++++++
 ZR.Vue/src/utils/request.js                   |  8 +--
 5 files changed, 106 insertions(+), 4 deletions(-)
 create mode 100644 ZR.Admin.WebApi/Extensions/IPRateExtension.cs
diff --git a/ZR.Admin.WebApi/Extensions/IPRateExtension.cs b/ZR.Admin.WebApi/Extensions/IPRateExtension.cs
new file mode 100644
index 0000000..ea0da14
--- /dev/null
+++ b/ZR.Admin.WebApi/Extensions/IPRateExtension.cs
@@ -0,0 +1,27 @@
+ï»¿using AspNetCoreRateLimit;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using System;
+
+namespace ZR.Admin.WebApi.Extensions
+{
+    public static class IPRateExtension
+    {
+        public static void AddIPRate(this IServiceCollection services, IConfiguration configuration)
+        {
+            if (services == null) throw new ArgumentNullException(nameof(services));
+
+            //ä»Žappsettings.jsonä¸­åŠ è½½å¸¸è§„é…ç½®ï¼ŒIpRateLimitingä¸Žé…ç½®æ–‡ä»¶ä¸­èŠ‚ç‚¹å¯¹åº”
+            services.Configure<IpRateLimitOptions>(configuration.GetSection("IpRateLimiting"));
+
+            //ä»Žappsettings.jsonä¸­åŠ è½½Ipè§„åˆ™
+            services.Configure<IpRateLimitPolicies>(configuration.GetSection("IpRateLimitPolicies"));
+            //æ³¨å…¥è®¡æ•°å™¨å’Œè§„åˆ™å­˜å‚¨
+            services.AddSingleton<IIpPolicyStore, MemoryCacheIpPolicyStore>();
+            services.AddSingleton<IRateLimitCounterStore, MemoryCacheRateLimitCounterStore>();
+            //é…ç½®ï¼ˆè§£æžå™¨ã€è®¡æ•°å™¨å¯†é’¥ç”Ÿæˆå™¨ï¼‰
+            services.AddSingleton<IRateLimitConfiguration, RateLimitConfiguration>();
+            services.AddSingleton<IProcessingStrategy, AsyncKeyLockProcessingStrategy>();
+        }
+    }
+}
diff --git a/ZR.Admin.WebApi/Startup.cs b/ZR.Admin.WebApi/Startup.cs
index c57fc79..e60e549 100644
--- a/ZR.Admin.WebApi/Startup.cs
+++ b/ZR.Admin.WebApi/Startup.cs
@@ -1,3 +1,4 @@
+using AspNetCoreRateLimit;
 using Hei.Captcha;
 using Infrastructure;
 using Infrastructure.Extensions;
@@ -56,7 +57,9 @@ namespace ZR.Admin.WebApi
                 .PersistKeysToFileSystem(new DirectoryInfo(Directory.GetCurrentDirectory() + Path.DirectorySeparatorChar + "DataProtection"));
             //ÆÕÍ¨ÑéÖ¤Âë
             services.AddHeiCaptcha();
+            services.AddIPRate(Configuration);
             services.AddSession();
+            services.AddMemoryCache();
             services.AddHttpContextAccessor();
 
             //°ó¶¨Õû¸ö¶ÔÏóµ½ModelÉÏ
@@ -127,6 +130,8 @@ namespace ZR.Admin.WebApi
             app.UseAddTaskSchedulers();
             //Ê¹ÓÃÈ«¾ÖÒì³£ÖÐ¼ä¼þ
             app.UseMiddleware<GlobalExceptionMiddleware>();
+            //ÆôÓÃ¿Í»§¶ËIPÏÞÖÆËÙÂÊ
+            app.UseIpRateLimiting();
 
             app.UseEndpoints(endpoints =>
             {
diff --git a/ZR.Admin.WebApi/ZR.Admin.WebApi.csproj b/ZR.Admin.WebApi/ZR.Admin.WebApi.csproj
index ba7b99e..63243c0 100644
--- a/ZR.Admin.WebApi/ZR.Admin.WebApi.csproj
+++ b/ZR.Admin.WebApi/ZR.Admin.WebApi.csproj
@@ -22,6 +22,7 @@
   </ItemGroup>
 
   <ItemGroup>
+	<PackageReference Include="AspNetCoreRateLimit" Version="4.0.2" />
 	<PackageReference Include="EPPlus" Version="5.8.6" />
 	<PackageReference Include="Hei.Captcha" Version="0.3.0" />
 	<PackageReference Include="IPTools.China" Version="1.6.0" />
diff --git a/ZR.Admin.WebApi/appsettings.json b/ZR.Admin.WebApi/appsettings.json
index f4ddf7b..99891ab 100644
--- a/ZR.Admin.WebApi/appsettings.json
+++ b/ZR.Admin.WebApi/appsettings.json
@@ -54,5 +54,74 @@
   "RedisServer": {
     "Cache": "127.0.0.1:6379,defaultDatabase=0,poolsize=50,ssl=false,writeBuffer=10240,prefix=cache:",
     "Session": "127.0.0.1:6379,defaultDatabase=0,poolsize=50,ssl=false,writeBuffer=10240,prefix=session:"
+  },
+  //½Ó¿ÚÇëÇóÏÞÖÆ
+  "IpRateLimiting": {
+    //ÀýÈçÉèÖÃÁË5´ÎÃ¿·ÖÖÓ·ÃÎÊÏÞÁ÷¡£µ±FalseÊ±£ºÏîÄ¿ÖÐÃ¿¸ö½Ó¿Ú¶¼¼ÓÈë¼ÆÊý£¬²»¹ÜÄã·ÃÎÊÄÄ¸ö½Ó¿Ú£¬Ö»ÒªÔÚÒ»·ÖÖÓÄÚÀÛ¼Æ¹»5´Î£¬½«½ûÖ¹·ÃÎÊ¡£
+    //True£ºµ±Ò»·ÖÖÓÇëÇóÁË5´ÎGetData½Ó¿Ú£¬Ôò¸Ã½Ó¿Ú½«ÔÚÊ±¼ä¶ÎÄÚ½ûÖ¹·ÃÎÊ£¬µ«ÊÇ»¹¿ÉÒÔ·ÃÎÊPostData()5´Î,×ÜµÃÀ´ËµÊÇÃ¿¸ö½Ó¿Ú¶¼ÓÐ5´ÎÔÚÕâÒ»·ÖÖÓ£¬»¥²»¸ÉÈÅ¡£
+    "EnableEndpointRateLimiting": true,
+    //false£¬¾Ü¾øµÄAPIµ÷ÓÃ²»»áÌí¼Óµ½µ÷ÓÃ´ÎÊý¼ÆÊýÆ÷ÉÏ;Èç ¿Í»§¶ËÃ¿Ãë·¢³ö3¸öÇëÇó²¢ÇÒÄúÉèÖÃÁËÃ¿ÃëÒ»¸öµ÷ÓÃµÄÏÞÖÆ£¬ÔòÃ¿·ÖÖÓ»òÃ¿Ìì¼ÆÊýÆ÷µÈÆäËûÏÞÖÆ½«½ö¼ÇÂ¼µÚÒ»¸öµ÷ÓÃ£¬¼´³É¹¦µÄAPIµ÷ÓÃ¡£Èç¹ûÄúÏ£Íû±»¾Ü¾øµÄAPIµ÷ÓÃ¼ÆÈëÆäËûÊ±¼äµÄÏÔÊ¾£¨·ÖÖÓ£¬Ð¡Ê±µÈ£©
+    //£¬Ôò±ØÐëÉèÖÃStackBlockedRequestsÎªtrue¡£
+    "StackBlockedRequests": false,
+    "RealIpHeader": "X-Real-IP",
+    //È¡°×Ãûµ¥µÄ¿Í»§¶ËID¡£Èç¹û´Ë±êÍ·ÖÐ´æÔÚ¿Í»§¶ËID²¢ÇÒÓëClientWhitelistÖÐÖ¸¶¨µÄÖµÆ¥Åä£¬Ôò²»Ó¦ÓÃËÙÂÊÏÞÖÆ¡£
+    "ClientIdHeader": "X-ClientId",
+    "HttpStatusCode": 429,
+    //¶Ëµã°×Ãûµ¥
+    //"EndpointWhitelist": [ "get:/api/xxx", "*:/api/yyy" ],
+    //¿Í»§¶Ë°×Ãûµ¥
+    //"ClientWhitelist": [ "dev-id-1", "dev-id-2" ],
+    "QuotaExceededResponse": {
+      "Content": "{{\"code\":429,\"msg\":\"·ÃÎÊ¹ýÓÚÆµ·±£¬ÇëÉÔºóÖØÊÔ\"}}",
+      "ContentType": "application/json",
+      "StatusCode": 429
+    },
+    //Í¨ÓÃ¹æÔò£¬api¹æÔò,½áÎ²Ò»¶¨Òª´ø*
+    "GeneralRules": [
+      {
+        "Endpoint": "*:/captchaImage",
+        //Ê±¼ä¶Î£¬¸ñÊ½£º{Êý×Ö}{µ¥Î»}£»¿ÉÊ¹ÓÃµ¥Î»£ºs, m, h, d
+        "Period": "3s",
+        "Limit": 5
+      },
+      {
+        "Endpoint": "post:*",
+        //Ê±¼ä¶Î£¬¸ñÊ½£º{Êý×Ö}{µ¥Î»}£»¿ÉÊ¹ÓÃµ¥Î»£ºs, m, h, d
+        "Period": "3s",
+        "Limit": 1
+      },
+      {
+        "Endpoint": "put:*",
+        //Ê±¼ä¶Î£¬¸ñÊ½£º{Êý×Ö}{µ¥Î»}£»¿ÉÊ¹ÓÃµ¥Î»£ºs, m, h, d
+        "Period": "3s",
+        "Limit": 1
+      }
+      //{
+      //  "Endpoint": "*",
+      //  //Ê±¼ä¶Î£¬¸ñÊ½£º{Êý×Ö}{µ¥Î»}£»¿ÉÊ¹ÓÃµ¥Î»£ºs, m, h, d
+      //  "Period": "1s",
+      //  "Limit": 2
+      //}
+      //{
+      //  "Endpoint": "*",
+      //  "Period": "15m",
+      //  "Limit": 100
+      //},
+      //{
+      //  "Endpoint": "*",
+      //  "Period": "12h",
+      //  "Limit": 1000
+      //},
+      //{
+      //  "Endpoint": "*",
+      //  "Period": "7d",
+      //  "Limit": 10000
+      //}
+    ],
+    "IpRateLimitPolicies": {
+      //ip¹æÔò
+      "IpRules": [
+      ]
+    }
   }
 }
diff --git a/ZR.Vue/src/utils/request.js b/ZR.Vue/src/utils/request.js
index e67bdd3..0d18e3b 100644
--- a/ZR.Vue/src/utils/request.js
+++ b/ZR.Vue/src/utils/request.js
@@ -57,7 +57,7 @@ service.interceptors.response.use(res => {
       })
 
       return Promise.reject('æ— æ•ˆçš„ä¼šè¯ï¼Œæˆ–è€…ä¼šè¯å·²è¿‡æœŸï¼Œè¯·é‡æ–°ç™»å½•ã€‚')
-    } else if (code == 0 || code == 1 || code == 110 || code == 101 || code == 403 || code == 500) {
+    } else if (code == 0 || code == 1 || code == 110 || code == 101 || code == 403 || code == 500 || code == 429) {
       Message({
         message: msg,
         type: 'error'
@@ -70,13 +70,13 @@ service.interceptors.response.use(res => {
   },
   error => {
     console.log('err' + error)
-    let {
-      message
-    } = error;
+    let { message } = error;
     if (message == "Network Error") {
       message = "åŽç«¯æŽ¥å£è¿žæŽ¥å¼‚å¸¸";
     } else if (message.includes("timeout")) {
       message = "ç³»ç»ŸæŽ¥å£è¯·æ±‚è¶…æ—¶";
+    } else if (message.includes("Request failed with status code 429")) {
+      message = "è¯·æ±‚è¿‡äºŽé¢‘ç¹ï¼Œè¯·ç¨åŽå†è¯•";
     } else if (message.includes("Request failed with status code")) {
       message = "ç³»ç»ŸæŽ¥å£" + message.substr(message.length - 3) + "å¼‚å¸¸";
     }
