From e02ab1fbadcafc98887a2ae7ad77096da3c2c73c Mon Sep 17 00:00:00 2001 From: xiaozhu <501801307@qq.com> Date: Tue, 21 Mar 2023 09:20:27 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=96=B0=E5=A2=9E=E9=99=90=E6=B5=81?= =?UTF-8?q?=E5=8A=9F=E8=83=BD=20(#718)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 请求速率限制 * perf: 优化代码 --------- Co-authored-by: ChenZhaoYu <790348264@qq.com> --- README.md | 4 ++++ docker-compose/docker-compose.yml | 2 ++ service/.env.example | 3 +++ service/package.json | 1 + service/pnpm-lock.yaml | 11 +++++++++++ service/src/index.ts | 3 ++- service/src/middleware/limiter.ts | 19 +++++++++++++++++++ 7 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 service/src/middleware/limiter.ts diff --git a/README.md b/README.md index ddf3716deb..9b6880b958 100644 --- a/README.md +++ b/README.md @@ -170,6 +170,7 @@ pnpm dev 通用: - `AUTH_SECRET_KEY` 访问权限密钥,可选 +- `MAX_REQUEST_PER_HOUR` 每小时最大请求次数,可选,默认无限 - `TIMEOUT_MS` 超时,单位毫秒,可选 - `SOCKS_PROXY_HOST` 和 `SOCKS_PROXY_PORT` 一起时生效,可选 - `SOCKS_PROXY_PORT` 和 `SOCKS_PROXY_HOST` 一起时生效,可选 @@ -224,6 +225,8 @@ services: API_REVERSE_PROXY: xxx # 访问权限密钥,可选 AUTH_SECRET_KEY: xxx + # 每小时最大请求次数,可选,默认无限 + MAX_REQUEST_PER_HOUR: 0 # 超时,单位毫秒,可选 TIMEOUT_MS: 60000 # Socks代理,可选,和 SOCKS_PROXY_PORT 一起时生效 @@ -245,6 +248,7 @@ services: | --------------------- | ---------------------- | -------------------------------------------------------------------------------------------------- | | `PORT` | 必填 | 默认 `3002` | `AUTH_SECRET_KEY` | 可选 | 访问权限密钥 | +| `MAX_REQUEST_PER_HOUR` | 可选 | 每小时最大请求次数,可选,默认无限 | | `TIMEOUT_MS` | 可选 | 超时时间,单位毫秒 | | `OPENAI_API_KEY` | `OpenAI API` 二选一 | 使用 `OpenAI API` 所需的 `apiKey` [(获取 apiKey)](https://platform.openai.com/overview) | | `OPENAI_ACCESS_TOKEN` | `Web API` 二选一 | 使用 `Web API` 所需的 `accessToken` [(获取 accessToken)](https://chat.openai.com/api/auth/session) | diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml index 0fcb0d2cfd..dcf99b63cb 100644 --- a/docker-compose/docker-compose.yml +++ b/docker-compose/docker-compose.yml @@ -18,6 +18,8 @@ services: API_REVERSE_PROXY: xxx # 访问权限密钥,可选 AUTH_SECRET_KEY: xxx + # 每小时最大请求次数,可选,默认无限 + MAX_REQUEST_PER_HOUR: 0 # 超时,单位毫秒,可选 TIMEOUT_MS: 60000 # Socks代理,可选,和 SOCKS_PROXY_PORT 一起时生效 diff --git a/service/.env.example b/service/.env.example index 7ca4a4db2d..a7a7747481 100644 --- a/service/.env.example +++ b/service/.env.example @@ -27,3 +27,6 @@ SOCKS_PROXY_PORT= # HTTPS PROXY HTTPS_PROXY= + +# Rate Limit +MAX_REQUEST_PER_HOUR= diff --git a/service/package.json b/service/package.json index 6311f3119c..e2309d6f65 100644 --- a/service/package.json +++ b/service/package.json @@ -29,6 +29,7 @@ "dotenv": "^16.0.3", "esno": "^0.16.3", "express": "^4.18.2", + "express-rate-limit": "^6.7.0", "https-proxy-agent": "^5.0.1", "isomorphic-fetch": "^3.0.0", "node-fetch": "^3.3.0", diff --git a/service/pnpm-lock.yaml b/service/pnpm-lock.yaml index 8e4b85e1bd..ddbfb44b21 100644 --- a/service/pnpm-lock.yaml +++ b/service/pnpm-lock.yaml @@ -10,6 +10,7 @@ specifiers: eslint: ^8.35.0 esno: ^0.16.3 express: ^4.18.2 + express-rate-limit: ^6.7.0 https-proxy-agent: ^5.0.1 isomorphic-fetch: ^3.0.0 node-fetch: ^3.3.0 @@ -24,6 +25,7 @@ dependencies: dotenv: 16.0.3 esno: 0.16.3 express: 4.18.2 + express-rate-limit: 6.7.0_express@4.18.2 https-proxy-agent: 5.0.1 isomorphic-fetch: 3.0.0 node-fetch: 3.3.0 @@ -1740,6 +1742,15 @@ packages: strip-final-newline: 2.0.0 dev: true + /express-rate-limit/6.7.0_express@4.18.2: + resolution: {integrity: sha512-vhwIdRoqcYB/72TK3tRZI+0ttS8Ytrk24GfmsxDXK9o9IhHNO5bXRiXQSExPQ4GbaE5tvIS7j1SGrxsuWs+sGA==} + engines: {node: '>= 12.9.0'} + peerDependencies: + express: ^4 || ^5 + dependencies: + express: 4.18.2 + dev: false + /express/4.18.2: resolution: {integrity: sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==} engines: {node: '>= 0.10.0'} diff --git a/service/src/index.ts b/service/src/index.ts index 4bf42f90a0..a201b8619e 100644 --- a/service/src/index.ts +++ b/service/src/index.ts @@ -2,6 +2,7 @@ import express from 'express' import type { ChatContext, ChatMessage } from './chatgpt' import { chatConfig, chatReplyProcess, currentModel } from './chatgpt' import { auth } from './middleware/auth' +import { limiter } from './middleware/limiter' import { isNotEmptyString } from './utils/is' const app = express() @@ -17,7 +18,7 @@ app.all('*', (_, res, next) => { next() }) -router.post('/chat-process', auth, async (req, res) => { +router.post('/chat-process', [auth, limiter], async (req, res) => { res.setHeader('Content-type', 'application/octet-stream') try { diff --git a/service/src/middleware/limiter.ts b/service/src/middleware/limiter.ts new file mode 100644 index 0000000000..d4df149395 --- /dev/null +++ b/service/src/middleware/limiter.ts @@ -0,0 +1,19 @@ +import { rateLimit } from 'express-rate-limit' +import { isNotEmptyString } from '../utils/is' + +const MAX_REQUEST_PER_HOUR = process.env.MAX_REQUEST_PER_HOUR + +const maxCount = (isNotEmptyString(MAX_REQUEST_PER_HOUR) && !isNaN(Number(MAX_REQUEST_PER_HOUR))) + ? parseInt(MAX_REQUEST_PER_HOUR) + : 0 // 0 means unlimited + +const limiter = rateLimit({ + windowMs: 60 * 60 * 1000, // Maximum number of accesses within an hour + max: maxCount, + statusCode: 200, // 200 means success,but the message is 'Too many request from this IP in 1 hour' + message: async (req, res) => { + res.send({ status: 'Fail', message: 'Too many request from this IP in 1 hour', data: null }) + }, +}) + +export { limiter }