Rate limiting for Google/Firebase cloud functions?

前端未结

关注

 2  1811

刺人心 2020-12-30 12:14

I am using Firebase to develop an app that uses Cloud Functions as a REST API internally. My question is, is there an easy way to implement per-IP/per-user rate-limiting sim

2条回答

予麋鹿 (楼主)

2020-12-30 12:48

I made a library for rate-limiting calls to firebase functions: firebase-functions-rate-limiter The library uses realtimeDB or firestore (configurable) as a backend. It stores data, in a similar approach that Frank described, but is more economical. Instead of using a collection, it uses a single document with array per each qualifier (eg. a user id). That means there is only a single read for an exceeded call, and a read-write for an allowed call.

$ npm i --save firebase-functions-rate-limiter

Here is an example:

import * as admin from "firebase-admin";
import * as functions from "firebase-functions";
import { FirebaseFunctionsRateLimiter } from "firebase-functions-rate-limiter";

admin.initializeApp(functions.config().firebase);
const database = admin.database();

const limiter = FirebaseFunctionsRateLimiter.withRealtimeDbBackend(
    {
        name: "rate_limiter_collection",
        maxCalls: 2,
        periodSeconds: 15,
    },
    database,
);
exports.testRateLimiter = 
  functions.https.onRequest(async (req, res) => {
    await limiter.rejectOnQuotaExceeded(); // will throw HttpsException with proper warning

    res.send("Function called");
});

0 讨论(0)

查看其它2个回答