ASP.NET WebApi实现请求频率限制
Posted ycmail
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ASP.NET WebApi实现请求频率限制相关的知识,希望对你有一定的参考价值。
SampleController.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using System.Web;
using System.Web.Http;
namespace App.Controllers
[Throttle]
public class SampleController : ApiController
[HttpGet]
public async Task<IHttpActionResult> Get() => await Task.FromResult(Ok(Guid.NewGuid().ToString()));
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
ThrottleAttribute.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;
using System.Web;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
namespace App
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class ThrottleAttribute : ActionFilterAttribute
private readonly HandleRequest _handleRequest;
public ThrottleAttribute()
this._handleRequest = new HandleRequest();
public override async Task OnActionExecutingAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
var valid = await this._handleRequest.IsValidRequest(actionContext.Request);
if (!valid)
actionContext.Response = new HttpResponseMessage((HttpStatusCode)429) ReasonPhrase = "Too Many Requests!" ;
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
HandleRequest.cs
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Net.Http;
using System.ServiceModel.Channels;
using System.Threading.Tasks;
using System.Web;
using System.Web.Caching;
namespace App
public class HandleRequest
private string Name get; = "Client1";
private int Seconds get; = int.Parse(ConfigurationManager.AppSettings.Get("waitMillisecond"));
public async Task<bool> IsValidRequest(HttpRequestMessage requestMessage)
var allowExecute = false;
await Task.Factory.StartNew(() =>
var key = string.Concat(Name, "-", GetClientIp(requestMessage));
if (HttpRuntime.Cache[key] == null)
HttpRuntime.Cache.Add(key,
true, //这是我们可以拥有的最小数据吗?
null, // 没有依赖关系
DateTime.Now.AddMilliseconds(Seconds), // 绝对过期
Cache.NoSlidingExpiration,
CacheItemPriority.Low,
null); //没有回调
allowExecute = true;
);
return allowExecute;
private string GetClientIp(HttpRequestMessage request)
//获取传统context
if (request.Properties.ContainsKey("MS_HttpContext"))
//HttpContextWrapper 类是从 HttpContextBase 类派生的。 HttpContextWrapper 类用作 HttpContext 类的包装。 在运行时,通常使用 HttpContextWrapper 类的实例调用 HttpContext 对象上的成员。
return ((HttpContextWrapper)request.Properties["MS_HttpContext"]).Request.UserHostAddress;
//CS客户端获取ip地址
//让与发送消息的远程终结点有关的客户端 IP 地址和端口号可用。
if (request.Properties.ContainsKey(RemoteEndpointMessageProperty.Name))
RemoteEndpointMessageProperty prop;
prop = (RemoteEndpointMessageProperty)request.Properties[RemoteEndpointMessageProperty.Name];
return prop.Address;
return null;
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
运行结果:
1分钟内,连续请求的结果:
以上是关于ASP.NET WebApi实现请求频率限制的主要内容,如果未能解决你的问题,请参考以下文章
web api - asp.net 身份令牌即使对于后续请求也会过期
ASP.NET WebApi 从入门到"放弃"系列---WebApi 请求路由
AspNetCoreRateLimit - ASP.NET Core 速率限制中间件。
如何在 asp.net 核心 webapi 控制器中读取请求正文?