gofiber-study/services/waf/waf.go

package waf

import (
	"context"
	"github.com/go-redis/redis/v8"
	"gofiber.study.skcks.cn/common/config"
	"gofiber.study.skcks.cn/common/logger"
	"gofiber.study.skcks.cn/global"
	"time"
	"xorm.io/xorm"
)

var Service *Waf

const (
	StoreName = "waf"
	Separator = ":"
)

type Waf struct {
	db     *xorm.EngineGroup
	store  *redis.Client
	config config.Waf
}

func InitService() {
	Service = &Waf{
		db:     global.DataSources,
		store:  global.Redis,
		config: global.Config.Waf,
	}
	//
	//ctx := context.Background()
	//table, err := Service.store.HGetAll(ctx, StoreName).Result()
	//utils.MainAppExec(func() {
	//	if err != nil {
	//		logger.Log.Errorf("[waf] 初始化出错 %s", err)
	//	}
	//
	//	logger.Log.Debugf("[waf] \n%v", table)
	//})
}

func (w *Waf) Access(ip string) bool {
	key := StoreName + Separator + "access" + Separator + ip
	ctx := context.Background()
	num, err := w.store.LLen(ctx, key).Result()
	if err != nil {
		logger.Log.Errorf("[waf] access 出错 %s", err)
		return false
	}

	if num < w.config.RateLimit {
		w.store.LPush(ctx, key, time.Now().Unix())
		return true
	} else {
		last, _ := w.store.LIndex(ctx, key, -1).Int64()
		if time.Now().Unix()-last < 60 {
			logger.Log.Infof("[waf] ip:%s 访问频率超过限制 %d", ip, w.config.RateLimit)
			return false
		} else {
			w.store.LPush(ctx, key, time.Now().Unix())
			w.store.LTrim(ctx, key, 0, w.config.RateLimit-1)
			return true
		}
	}
}
添加 waf 添加访问频率限制测试 2022-10-25 15:01:57 +08:00			`package waf`

			`import (`
			`"context"`
			`"github.com/go-redis/redis/v8"`
			`"gofiber.study.skcks.cn/common/config"`
			`"gofiber.study.skcks.cn/common/logger"`
			`"gofiber.study.skcks.cn/global"`
			`"time"`
			`"xorm.io/xorm"`
			`)`

			`var Service *Waf`

			`const (`
			`StoreName = "waf"`
			`Separator = ":"`
			`)`

			`type Waf struct {`
			`db *xorm.EngineGroup`
			`store *redis.Client`
			`config config.Waf`
			`}`

			`func InitService() {`
			`Service = &Waf{`
			`db: global.DataSources,`
			`store: global.Redis,`
			`config: global.Config.Waf,`
			`}`
			`//`
			`//ctx := context.Background()`
			`//table, err := Service.store.HGetAll(ctx, StoreName).Result()`
			`//utils.MainAppExec(func() {`
			`// if err != nil {`
			`// logger.Log.Errorf("[waf] 初始化出错 %s", err)`
			`// }`
			`//`
			`// logger.Log.Debugf("[waf] \n%v", table)`
			`//})`
			`}`

			`func (w *Waf) Access(ip string) bool {`
			`key := StoreName + Separator + "access" + Separator + ip`
			`ctx := context.Background()`
			`num, err := w.store.LLen(ctx, key).Result()`
			`if err != nil {`
			`logger.Log.Errorf("[waf] access 出错 %s", err)`
			`return false`
			`}`

			`if num < w.config.RateLimit {`
			`w.store.LPush(ctx, key, time.Now().Unix())`
			`return true`
			`} else {`
			`last, _ := w.store.LIndex(ctx, key, -1).Int64()`
			`if time.Now().Unix()-last < 60 {`
			`logger.Log.Infof("[waf] ip:%s 访问频率超过限制 %d", ip, w.config.RateLimit)`
			`return false`
			`} else {`
			`w.store.LPush(ctx, key, time.Now().Unix())`
			`w.store.LTrim(ctx, key, 0, w.config.RateLimit-1)`
			`return true`
			`}`
			`}`
			`}`