
Add throttling classes for thumbnail endpoint #864

Merged
merged 2 commits into from
Aug 16, 2022
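--- a/api/catalog/api/utils/throttle.py
+++ b/api/catalog/api/utils/throttle.py
@@ -53,6 +53,10 @@ class SustainedRateThrottle(AbstractAnonRateThrottle):
 scope = "anon_sustained"
 
 
+class AnonThumbnailRateThrottle(AbstractAnonRateThrottle):
+scope = "anon_thumbnail"
+
+
 class TenPerDay(AbstractAnonRateThrottle):
 rate = "10/day"
 
@@ -90,6 +94,11 @@ def get_cache_key(self, request, view):
 return self.cache_format % {"scope": self.scope, "ident": ident}
 
 
+class OAuth2IdThumbnailRateThrottle(AbstractOAuth2IdRateThrottle):
+applies_to_rate_limit_model = "standard"
+scope = "oauth2_client_credentials_thumbnail"
+
+
 class OAuth2IdSustainedRateThrottle(AbstractOAuth2IdRateThrottle):
 applies_to_rate_limit_model = "standard"
 scope = "oauth2_client_credentials_sustained"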
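Review bot: `AnonThumbnailRateThrottle` and `OAuth2IdThumbnailRateThrottle` are added without a docstring, so nothing in either class says which endpoint it guards or where its rate is configured. A one-line docstring on each would cover it, for example `"""Throttle anonymous requests to the thumbnail endpoint; the rate is the "anon_thumbnail" entry of DEFAULT_THROTTLE_RATES."""`, with the matching text for the OAuth2 class and its `oauth2_client_credentials_thumbnail` scope. The OAuth2 docstring should also say what `applies_to_rate_limit_model = "standard"` means for this class, presumably that only standard-model applications are counted; the base class that reads the attribute is outside these hunks.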
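--- a/api/catalog/api/views/image_views.py
+++ b/api/catalog/api/views/image_views.py
@@ -32,7 +32,10 @@
 )
 from catalog.api.serializers.media_serializers import MediaThumbnailRequestSerializer
 from catalog.api.utils.exceptions import get_api_exception
-from catalog.api.utils.throttle import OneThousandPerMinute
+from catalog.api.utils.throttle import (
+AnonThumbnailRateThrottle,
+OAuth2IdThumbnailRateThrottle,
+)
 from catalog.api.utils.watermark import watermark
 from catalog.api.views.media_views import MediaViewSet
 
@@ -93,7 +96,7 @@ def oembed(self, request, *_, **__):
 url_path="thumb",
 url_name="thumb",
 serializer_class=MediaThumbnailRequestSerializer,
-throttle_classes=[OneThousandPerMinute],
+throttle_classes=[AnonThumbnailRateThrottle, OAuth2IdThumbnailRateThrottle],
 )
 def thumbnail(self, request, *_, **__):
 image = self.get_object()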
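Review bot: The new `throttle_classes` list on `thumbnail` names only an anonymous throttle and an OAuth2 throttle whose `applies_to_rate_limit_model` is `"standard"` (see throttle.py), so a request that neither class claims would pass with no limit at all, whereas the removed `OneThousandPerMinute` appears to have applied to every caller. Whether that gap exists depends on how the abstract base classes skip requests, which is not visible here. If applications on another rate-limit model exist (the settings list an `EnhancedOAuth2IdSustainedRateThrottle`), add a thumbnail throttle for them or keep a catch-all ceiling in the list. A test that calls `thumb` as an anonymous client, a standard application and an enhanced application and expects a 429 at the configured rate would pin this down. The `thumbnail` body continues outside the hunk.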
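--- a/api/catalog/settings.py
+++ b/api/catalog/settings.py
@@ -129,6 +129,8 @@
 
 THROTTLE_ANON_BURST = config("THROTTLE_ANON_BURST", default="5/hour")
 THROTTLE_ANON_SUSTAINED = config("THROTTLE_ANON_SUSTAINED", default="100/day")
+THROTTLE_ANON_THUMBS = config("THROTTLE_ANON_THUMBS", default="150/minute")
+THROTTLE_OAUTH2_THUMBS = config("THROTTLE_OAUTH2_THUMBS", default="500/minute")
 
 REST_FRAMEWORK = {
 "DEFAULT_AUTHENTICATION_CLASSES": (
@@ -143,6 +145,8 @@
 "DEFAULT_THROTTLE_CLASSES": (
 "catalog.api.utils.throttle.BurstRateThrottle",
 "catalog.api.utils.throttle.SustainedRateThrottle",
+"catalog.api.utils.throttle.AnonThumbnailRateThrottle",
+"catalog.api.utils.throttle.OAuth2IdThumbnailRateThrottle",
 "catalog.api.utils.throttle.OAuth2IdSustainedRateThrottle",
 "catalog.api.utils.throttle.OAuth2IdBurstRateThrottle",
 "catalog.api.utils.throttle.EnhancedOAuth2IdSustainedRateThrottle",
@@ -152,6 +156,8 @@
 "DEFAULT_THROTTLE_RATES": {
 "anon_burst": THROTTLE_ANON_BURST,
 "anon_sustained": THROTTLE_ANON_SUSTAINED,
+"anon_thumbnail": THROTTLE_ANON_THUMBS,
+"oauth2_client_credentials_thumbnail": THROTTLE_OAUTH2_THUMBS,
 "oauth2_client_credentials_sustained": "10000/day",
 "oauth2_client_credentials_burst": "100/min",
 "enhanced_oauth2_client_credentials_sustained": "20000/day",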
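Review bot: Listing `AnonThumbnailRateThrottle` and `OAuth2IdThumbnailRateThrottle` in `DEFAULT_THROTTLE_CLASSES` runs them on every view that does not set its own `throttle_classes`, not only on `thumb`. The cache key shown in throttle.py is built from scope and ident alone, so those requests would land in the same thumbnail history and ordinary search or detail traffic could use up a client's thumbnail budget (assuming the base classes record each request as DRF's stock throttles do). The `thumbnail` action already sets the two classes explicitly, so the `DEFAULT_THROTTLE_RATES` entries are enough and the two `DEFAULT_THROTTLE_CLASSES` lines can be dropped. Separately, `"150/minute"` and `"500/minute"` are new env-tunable defaults; a comment above `THROTTLE_ANON_THUMBS` saying how they were chosen would help whoever tunes them later.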