Parameters: |
- counters_storage (securitylib.throttling.common.CountersStorage) – Storage to be used for storing throttling counters.
- session_storage (securitylib.throttling.common.SessionStorage) – Storage to be used to store sessions.
- config (dict) –
A dictionary containing throttling parameters (dictionary keys are the parameter name
and dictionary values are the parameter value).
Allows defining the limits in requests before the throttling state changes to captcha or block,
and the initial blocking time.
You can omit the whole dictionary or some of its keys as the values
for the missing keys will be taken from the default configuration.
Structure:
Key |
Type |
Description |
limits |
dictionary of dictionaries with integer values |
This parameter must have up to two dictionaries with keys 'captcha'
and 'block', one that contains captcha limits, and another for block limits. If any of these dictionaries is missing, no limits will be imposed
for that throttling method, which effectively disables the throttling method.
This can be used, for example, to disable throttling by captcha for APIs.
Each of these two dictionaries has up to five pairs of keys and values,
where each key is a type of counter and its value
is the limit for the value of the counter before the throttling state is updated,
e.g. if limits['captcha']['user'] is 5, the state for the 'user' counter
will change to 'captcha' when its value increases beyond 5.
|
initial_blocking_time |
integer |
Duration in seconds for the first block (subsequent blocks will have
its duration doubled each time). |
Default configuration:
{
'limits': {
'captcha': {
'ip': 20,
'user': 20,
'pwd': 20,
'ip_user': 3,
'ip_pwd': 3,
},
'block': {
'ip': 100,
'user': None,
'pwd': None,
'ip_user': 7,
'ip_pwd': 7,
},
},
'initial_blocking_time': 30,
}
|