0

我正在为我的网络应用程序使用烧瓶 cors、烧瓶限制器和 AngularJS。一切正常,但我想要的是在前端也返回 429 太多请求消息,但我似乎无法这样做,因为OPTIONS 方法在返回 429 后会阻止所有内容

我的 AngularJS 错误响应代码:

function(response){
    var res_data = (response.data && response.data.data) ? response.data.data : null;
    var res_status = response.status;
    FlashService.Error(response[keys.issue_fields], true);
    if (res_status == 513 && res_data && res_data[keys.issue_fields][0] == keys.email) {
        vm.error = "Your email is not recognized. Please try again.";
    } else if (res_status == 513 && res_data && res_data[keys.issue_fields][0] == keys.password){
        vm.error = "Your email and password combination was incorrect. Please try again.";
    } else if (res_status == 513 && res_data && res_data[keys.issue_fields][0] == keys.suspension){
        vm.error = "Your account is inactive.";
    }else if (res_status == 429) {
        vm.error = "You have attempted a numerous login failed attempt.. Please try again later.";
    }else if (res_status == -1) {
        vm.error = "Server Error. Please try again later.";
    }else {
        vm.error = "Your email and password combination was incorrect. Please try again.";
    }
    vm.dataLoading = false;
});

这是我的烧瓶代码:

@user_manager.route('/login/dp', methods=['POST'])
#make sure limit_key is changed if modify limit since it is hard coded
@limiter.limit("5/15minute")
def login_dp():
    if key.email() in request.form and key.password() in request.form:
        user_id = CBDPUserDatabase().login(request.form[key.email()], request.form[key.password()])
        if user_id > 0:
            limit_key = 'LIMITER/%s/%s/10/15/minute' %  (get_ipaddr(), request.endpoint)
            if limit_key in limiter._storage.storage: del limiter._storage.storage[limit_key]
            if limit_key in limiter._storage.expirations: del limiter._storage.expirations[limit_key]
            user_profile = CBDPUserDatabase().fetch_user_profile(user_id)
            token = create_dp_token(user_id, user_profile[key.dealership()][key.id()])
            if user_profile is not None:
                return ResponsePacket.success(data={key.profile(): user_profile, key.token(): token})
            else:
                # Couldn't retrieve the user's profile
                return ResponsePacket.data_exception(data={key.issue_fields(): [key.profile()]})
        elif user_id == -2:
            # Email address not found in user database
            return ResponsePacket.data_exception(data={key.issue_fields(): [key.email()]})
        elif user_id == -3:
            # Password given does not match
            return ResponsePacket.data_exception(data={key.issue_fields(): [key.password()]})
        elif user_id == -4:
            return ResponsePacket.data_exception(data={key.issue_fields(): [key.suspension()]})

    else:
        return ResponsePacket.request_exception()

这是我的 CORS 设置:

cors = CORS(application, resources={r"*": {"origins": "*"}})

这是我的烧瓶日志:

127.0.0.1 - - [19/Aug/2016 08:10:02] "OPTIONS /user/login/dp HTTP/1.1" 200 -
127.0.0.1 - - [19/Aug/2016 08:10:04] "POST /user/login/dp HTTP/1.1" 513 -
127.0.0.1 - - [19/Aug/2016 08:10:06] "POST /user/login/dp HTTP/1.1" 513 -
127.0.0.1 - - [19/Aug/2016 08:10:07] "POST /user/login/dp HTTP/1.1" 513 -
127.0.0.1 - - [19/Aug/2016 08:10:08] "OPTIONS /user/login/dp HTTP/1.1" 200 -
127.0.0.1 - - [19/Aug/2016 08:10:08] "POST /user/login/dp HTTP/1.1" 429 -
127.0.0.1 - - [19/Aug/2016 08:10:10] "POST /user/login/dp HTTP/1.1" 429 -
127.0.0.1 - - [19/Aug/2016 08:10:13] "OPTIONS /user/login/dp HTTP/1.1" 429 -
127.0.0.1 - - [19/Aug/2016 08:10:22] "OPTIONS /user/login/dp HTTP/1.1" 429 -
127.0.0.1 - - [19/Aug/2016 08:10:24] "OPTIONS /user/login/dp HTTP/1.1" 429 -
127.0.0.1 - - [19/Aug/2016 08:10:24] "OPTIONS /user/login/dp HTTP/1.1" 429 -
127.0.0.1 - - [19/Aug/2016 08:10:26] "OPTIONS /user/login/dp HTTP/1.1" 429 -

这是我的网络控制台

在此处输入图像描述

4

1 回答 1

0

我现在明白了!只需放一个方法参数

@limiter.limit("20/15minute", methods=['POST'])
于 2016-08-19T03:17:02.807 回答