Class CaptchaRateLimiter

java.lang.Object
cloud.opencode.base.captcha.validator.CaptchaRateLimiter
public final class CaptchaRateLimiter extends Object
Captcha Rate Limiter - Rate limiting for CAPTCHA requests 验证码速率限制器 - 验证码请求的速率限制

This class provides rate limiting to prevent abuse of CAPTCHA services.

此类提供速率限制以防止验证码服务被滥用。

Features | 主要功能:

  • Per-client rate limiting - 每客户端速率限制
  • Configurable time window - 可配置时间窗口
  • Automatic cleanup - 自动清理

Usage Examples | 使用示例:

CaptchaRateLimiter limiter = new CaptchaRateLimiter(10, Duration.ofMinutes(1));
if (limiter.tryAcquire(clientId)) {
    // proceed with CAPTCHA generation
}

Security | 安全性:

  • Thread-safe: Yes (uses ConcurrentHashMap and AtomicInteger) - 线程安全: 是(使用ConcurrentHashMap和AtomicInteger)
  • Null-safe: No (clientId must not be null) - 空值安全: 否(客户端ID不能为null)
Since:
JDK 25, opencode-base-captcha V1.0.0
Author:
Leon Soo www.LeonSoo.com
See Also:

  • Constructor Details

    • CaptchaRateLimiter

      public CaptchaRateLimiter()
      Creates a rate limiter with default settings (10 requests per minute). 创建具有默认设置的速率限制器(每分钟 10 个请求)。

    • CaptchaRateLimiter

      public CaptchaRateLimiter(int maxRequests, Duration window)
      Creates a rate limiter with specified settings. 创建具有指定设置的速率限制器。
      Parameters:
      maxRequests - the maximum requests per window | 每个窗口的最大请求数
      window - the time window | 时间窗口

  • Method Details

    • isAllowed

      public boolean isAllowed(String clientId)
      Checks if a client is allowed to make a request. 检查客户端是否被允许发出请求。
      Parameters:
      clientId - the client identifier (IP, session, etc.) | 客户端标识符
      Returns:
      true if allowed | 如果允许返回 true

    • getRemainingRequests

      public int getRemainingRequests(String clientId)
      Gets remaining requests for a client. 获取客户端剩余请求数。
      Parameters:
      clientId - the client identifier | 客户端标识符
      Returns:
      the remaining requests | 剩余请求数

    • getTimeUntilReset

      public Duration getTimeUntilReset(String clientId)
      Gets the time until reset for a client. 获取客户端重置前的时间。
      Parameters:
      clientId - the client identifier | 客户端标识符
      Returns:
      the duration until reset | 重置前的时间

    • clear

      public void clear(String clientId)
      Clears a client's rate limit. 清除客户端的速率限制。
      Parameters:
      clientId - the client identifier | 客户端标识符

    • clearExpired

      public void clearExpired()
      Clears all expired entries. 清除所有过期条目。