Request limit (#19)

* feat: implement rate limiting to prevent abuse

This commit introduces rate limiting to the linebot to prevent abuse and ensure fair usage.

- Added a new `redis_client.py` to manage the Redis connection.
- Added a `RateLimiter` class in `rate_limiter.py` to handle rate limiting logic using Redis.
- Modified `text_handler.py` to integrate the `RateLimiter`.
  - Implemented a check to determine if a user has exceeded their request limit.
  - If the limit is exceeded, a message is sent to the user informing them of the rate limit and the time remaining until they can make another request.
- Added `flex_message.py` to convert flex message to json.
- Added `__init__.py` to export the utils.
- Added `redis` to `pyproject.toml`.
- Added `*.rdb` to `.gitignore`.

* feat(linebot): add redis support for rate limiting

This commit introduces Redis integration for rate limiting in the Line
Bot application. It includes the following changes:

- Added Redis configuration parameters (REDIS_HOST, REDIS_PORT,
  REDIS_DB) to the .env.example file.
- Updated the README.md file to include instructions for installing
  sqlite3 and redis.
- Modified the redis_client.py file to read Redis configuration from
  environment variables, allowing for flexible deployment.

The addition of Redis enables the implementation of robust rate
limiting mechanisms, preventing abuse and ensuring the stability of
the Line Bot service.

Author: yenslife

.gitignore

@@ -6,6 +6,7 @@ __pycache__
 
 # db
 sql_app.db
+*.rdb
 
 # logs
-logs/
+logs/

linebot/.env.example

@@ -1,8 +1,9 @@
 DIFY_API_KEY=
 LINE_CHANNEL_ACCESS_TOKEN=
 LINE_CHANNEL_SECRET=
-<<<<<<< HEAD
-=======
 OPENAI_API_KEY=
->>>>>>> d61705a (feat: add OPENAI_API_KEY and GEMINI_API_KEY to .env.example)
-GEMINI_API_KEY=
+GEMINI_API_KEY=
+REDIS_HOST=
+REDIS_PORT=
+REDIS_DB=
+

linebot/README.md

@@ -2,6 +2,8 @@
 
 ## Usage
 
+Make sure you have sqlite3 and redis installed on your system.
+
 1. Copy `.env.example` to `.env` and replace the values with your own
     ```cli
     cp .env.example .env
@@ -14,4 +16,4 @@
 3. Run the service
     ```bash
     poetry run uvicorn app.main:app --reload
-    ```
+    ```

linebot/app/db/redis_client.py

@@ -0,0 +1,19 @@
+import os
+
+from redis import Redis
+from dotenv import load_dotenv
+
+load_dotenv()
+REDIS_HOST = os.getenv("REDIS_HOST", "localhost")
+REDIS_PORT = int(os.getenv("REDIS_PORT", 6379))
+REDIS_DB = int(os.getenv("REDIS_DB", 0))
+
+redis_client: Redis = Redis(
+    host=REDIS_HOST,
+    port=REDIS_PORT,
+    db=REDIS_DB,
+    decode_responses=True,
+    retry_on_timeout=True,
+    socket_connect_timeout=5,
+    socket_timeout=5,
+)

linebot/app/services/handlers/text_handler.py

@@ -1,20 +1,27 @@
 """處理文字訊息的模組"""
 
 import json
+import random
+
 from linebot.models import TextSendMessage, FlexSendMessage
+
 from .common import create_quick_reply, COMMANDS
 from ...api.dify import inference
+from ...config.line_config import line_bot_api
 from ...config.logger import get_logger
+from ...services.utils.rate_limiter import RateLimiter
 
-# 取得模組的日誌記錄器
 logger = get_logger(__name__)
+rate_limiter = RateLimiter(max_requests=50, window_seconds=3600)
 
 
 def handle_text_message(event):
     """處理文字訊息"""
     try:
         user_input = event.message.text
         user_id = event.source.user_id
+        user_profile = line_bot_api.get_profile(user_id)
+        user_display_name = user_profile.display_name
 
         # 產生回應訊息
         quick_reply = None
@@ -23,6 +30,31 @@ def handle_text_message(event):
             quick_reply = create_quick_reply()
             return [TextSendMessage(text=response_text, quick_reply=quick_reply)]
 
+        # 檢查使用次數，決定要不要 inference
+        if not rate_limiter.is_allowed(user_id):
+            remaining_time = rate_limiter.time_to_reset(user_id)
+            minutes, seconds = divmod(remaining_time, 60)
+            response_text_list = [
+                f"我知道你很喜歡跟我聊天，不過我已經有點累了，請稍等 {minutes} 分 {seconds} 秒再來找我吧！",
+                f"親愛ㄉ {user_display_name}，我知道你很喜歡跟我聊天，不過我已經有點累了，請稍等 {minutes} 分 {seconds} 秒再來找我吧！",
+                f"嘿嘿，{user_display_name}，我知道你很喜歡跟我聊天，不過我已經有點累了，請稍等 {minutes} 分 {seconds} 秒再來找我吧！",
+                f"{user_display_name}～你太常敲我了啦，我要先去喘口氣，{minutes} 分 {seconds} 秒後我就回來哦！",
+                f"休息是為了走更長遠的路，{user_display_name} 我們等一下再聊～還差 {minutes} 分 {seconds} 秒喔！",
+                f"等等等等，太激烈了！我需要 {minutes} 分 {seconds} 秒冷靜一下 🧘‍♂️",
+                f"{user_display_name}，你是我見過最愛聊天的使用者了 ❤️ 但我真的需要休息一下，等 {minutes} 分 {seconds} 秒後再見吧！",
+                f"訊息太多我快招架不住了！休息一下吧，還要等 {minutes} 分 {seconds} 秒喔！",
+                f"{user_display_name}，我剛剛問了一下伺服器，它說：我真的需要靜一靜，請等 {minutes} 分 {seconds} 秒。",
+                f"啊～系統快燒起來了！我先去喝口水，{minutes} 分 {seconds} 秒後我們繼續～",
+            ]
+            response_text = (
+                random.choice(response_text_list)
+                if user_display_name
+                else response_text_list[0]
+            )
+            return [
+                TextSendMessage(text=response_text, quick_reply=create_quick_reply())
+            ]
+
         # 處理一般查詢
         response_text = inference(user_input, user_id)
         quick_reply = create_quick_reply()

linebot/app/services/utils/__init__.py

@@ -0,0 +1,7 @@
+from .flex_message import flex_message_convert_to_json
+from .rate_limiter import RateLimiter
+
+__all__ = [
+    "flex_message_convert_to_json",
+    "RateLimiter",
+]

linebot/app/services/utils.py …nebot/app/services/utils/flex_message.pylinebot/app/services/utils.py renamed to linebot/app/services/utils/flex_message.py linebot/app/services/utils.py renamed to linebot/app/services/utils/flex_message.py

@@ -0,0 +1,37 @@
+import redis
+from typing import cast
+
+from app.db.redis_client import redis_client
+
+
+class RateLimiter:
+    def __init__(self, max_requests: int = 100, window_seconds: int = 3600):
+        self.redis: redis.Redis = redis_client
+        self.max_requests = max_requests
+        self.window_seconds = window_seconds
+
+    def is_allowed(self, user_id: str) -> bool:
+        key = f"rate_limit:{user_id}"
+        raw = self.redis.incr(key)
+        count = cast(int, raw)  # 防止 linter 哇哇叫
+        if count == 1:
+            self.redis.expire(key, self.window_seconds)
+        return count <= self.max_requests
+
+    def time_to_reset(self, user_id: str) -> int:
+        raw = self.redis.ttl(f"rate_limit:{user_id}")
+        ttl = cast(int, raw)
+        return max(ttl, 0)
+
+
+if __name__ == "__main__":
+    # Example
+    rate_limiter = RateLimiter(max_requests=5, window_seconds=60)
+    user_id = "user123"
+
+    for i in range(7):
+        if rate_limiter.is_allowed(user_id):
+            print(f"Request {i + 1} allowed for user {user_id}.")
+        else:
+            print(f"Request {i + 1} denied for user {user_id}.")
+            print(f"Time to reset: {rate_limiter.time_to_reset(user_id)} seconds.")

linebot/app/services/utils/rate_limiter.py

@@ -14,6 +14,7 @@ uvicorn = "^0.32.0"
 python-dotenv = "^1.0.1"
 sqlalchemy = "^2.0.36"
 openai = "^1.70.0"
+redis = "^6.2.0"
 
 
 [build-system]