Rate Limiting GraphQL APIs by Calculating Query Complexity

Rate limiting is a system that protects the stability of APIs. GraphQL opens new possibilities for rate limiting. I'll show you Shopify's rate limiting system for the GraphQL Admin API and how it addresses some limitations of the methods commonly used in REST APIs. I'll show you how we calculate query costs that adapt to the data clients need while providing a more predictable load on servers.

What Is Rate Limiting and Why Do APIs Need It?

To ensure developers have a reliable and stable API, servers need to enforce reasonable API usage. The most common cases that can affect platform performance are:

  • Bad actors abusing the API by sending too many requests.
  • Clients unintentionally sending requests in infinite loops or sending a high number of requests in bursts.

The traditional way of rate limiting APIs is request-based and widely used in REST APIs. Some APIs enforce a fixed rate (that is, clients are allowed to make a number of requests per second). The Shopify Admin REST API provides credits that clients spend every time they make a request, and those credits are refilled every second. This allows clients to keep a request pace that never limits the API usage (that is, two requests per second) and make occasional request bursts when needed (that is, making 10 requests per second).
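The credit model described above can be simulated in a few lines. This is an added example, not Shopify's code: the `CreditBucket` class, the capacity of 10 credits and the refill rate of 2 credits per second are assumptions chosen to match the paragraph's numbers, and the traffic patterns are constructed. Integer milli-credits keep the arithmetic exact.

```python
from dataclasses import dataclass, field

COST_PER_REQUEST = 1000  # one credit per request, stored as integer milli-credits


@dataclass
class CreditBucket:
    """Per-client bucket: each request spends a credit, credits refill over time."""
    capacity: int        # assumed ceiling, in credits
    refill_per_sec: int  # assumed refill rate, in credits per second
    last_ms: int = 0
    balance: int = field(init=False, default=0)

    def __post_init__(self):
        self.balance = self.capacity * 1000  # a new client starts with a full bucket

    def allow(self, now_ms: int) -> bool:
        # Refill for the time elapsed since the last request, capped at capacity.
        elapsed = max(0, now_ms - self.last_ms)
        self.last_ms = max(self.last_ms, now_ms)
        # credits/second * milliseconds = milli-credits
        refilled = self.balance + elapsed * self.refill_per_sec
        self.balance = min(self.capacity * 1000, refilled)
        if self.balance < COST_PER_REQUEST:
            return False  # throttled; a real API would answer HTTP 429
        self.balance -= COST_PER_REQUEST
        return True


def simulate(timestamps_ms, capacity=10, refill_per_sec=2):
    """Return one allow/deny decision per request timestamp (milliseconds)."""
    bucket = CreditBucket(capacity, refill_per_sec)
    return [bucket.allow(t) for t in timestamps_ms]


# Constructed traffic patterns (request times in milliseconds).
STEADY = list(range(0, 20_000, 500))  # 2 requests/second for 20 seconds
BURST = list(range(0, 1_000, 100))    # 10 requests within one second
RUNAWAY = list(range(0, 1_000, 10))   # 100 requests in one second (client loop)

if __name__ == "__main__":
    for name, ts in (("steady", STEADY), ("burst", BURST), ("runaway", RUNAWAY)):
        decisions = simulate(ts)
        print(f"{name}: {sum(decisions)} allowed, {decisions.count(False)} throttled")
```

The steady client and the occasional burst are never throttled, while the runaway loop is cut off once it drains the bucket and then only proceeds at the refill rate.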

Despite being widely used, the request-based model has two limitations:

  • Clients use the same amount of credits regardless, even if they don’t need all the data in an API response.
  • POST, PUT, PATCH and DELETE requests produce side effects th...