Go语言API限流：保护后端服务

Go语言API限流：保护后端服务

1. 限流策略

API限流防止滥用和过载，保护后端服务的稳定性。

2. 限流实现

package ratelimit import ( "net/http" "sync" "time" "github.com/gin-gonic/gin" ) type RateLimiter struct { requests map[string][]time.Time mu sync.RWMutex limit int window time.Duration } func NewRateLimiter(limit int, window time.Duration) *RateLimiter { return &RateLimiter{ requests: make(map[string][]time.Time), limit: limit, window: window, } } func (rl *RateLimiter) Allow(ip string) bool { rl.mu.Lock() defer rl.mu.Unlock() now := time.Now() windowStart := now.Add(-rl.window) times := rl.requests[ip] validTimes := make([]time.Time, 0) for _, t := range times { if t.After(windowStart) { validTimes = append(validTimes, t) } } if len(validTimes) >= rl.limit { rl.requests[ip] = validTimes return false } rl.requests[ip] = append(validTimes, now) return true } func (rl *RateLimiter) Middleware() gin.HandlerFunc { return func(c *gin.Context) { ip := c.ClientIP() if !rl.Allow(ip) { c.JSON(http.StatusTooManyRequests, gin.H{"error": "rate limit exceeded"}) c.Abort() return } c.Next() } }

3. 总结

API限流是保护后端服务的重要手段，应根据服务能力设置合理的限流阈值。