Hello everyone,
I am preparing to deploy a Dify chat workflow on the public network for others to use, but I need to consider how to prevent malicious users from making excessive requests that consume large model API tokens. I need to implement rate limiting. I noticed that there is a “secure chat” feature in the workflow that can limit requests based on user ID:
However, I want to implement rate limiting based on the user’s IP address. Is this feasible?
For example, in the def _invoke(self, parameters: Dict[str, Any]) -> Generator[ToolInvokeMessage, None, None] method, there is no user IP parameter available, right?
- Currently, I am considering implementing the chat workflow via API by adding a hidden parameter to pass the IP address during API calls. However, this approach would prevent using the official web interface.
- If I want to use the official web interface, would I need to modify the API module to forward the IP parameter to the plugin tool invocation? Would this be very complex?
- If I want to use the official web interface, how can I implement IP-based rate limiting?
I kindly ask for your guidance!
With my deepest gratitude!!!