We will use a combination of the three throttling classes, discussed earlier, to achieve our previously explained goals. Make sure you quit Django's development server. Remember that you just need to press Ctrl + C in the Terminal or Command Prompt window in which it is running.

Open the gamesapi/settings.py file and add the highlighted lines to the dictionary named REST_FRAMEWORK with two key-value pairs that configure the global default throttling classes and their rates. The code file for the sample is included in the restful_python_chapter_04_01 folder:

REST_FRAMEWORK = { 
    'DEFAULT_PAGINATION_CLASS': 
    'games.pagination.LimitOffsetPaginationWithMaxLimit', 
    'PAGE_SIZE': 5, 
    'DEFAULT_AUTHENTICATION_CLASSES': ( 
        'rest_framework.authentication.BasicAuthentication', 
        'rest_framework.authentication.SessionAuthentication', 
        ), 
    'DEFAULT_THROTTLE_CLASSES': ( 
        'rest_framework.throttling.AnonRateThrottle', 
        'rest_framework.throttling.UserRateThrottle', 
    ), 
    'DEFAULT_THROTTLE_RATES': { 
        'anon': '5/hour', 
        'user': '20/hour', 
        'game-categories': '30/hour', 
    } 
}

The value for the DEFAULT_THROTTLE_CLASSES settings key specifies a global setting with a tuple of string whose values indicate the default classes that we want to use for throttling-AnonRateThrottle and UserRateThrottle. The DEFAULT_THROTTLE_RATES settings key specifies a dictionary with default throttle rates. The value specified for the 'anon' key indicates that we want a maximum of five requests per hour for anonymous users. The value specified for the 'user' key indicates that we want a maximum of 20 requests per hour for authenticated users. The value specified for the 'game-categories' key indicates that we want a maximum of 30 requests per hour for the scope with that name.

The maximum rate is a string that specifies the number of requests per period with the following format: 'number_of_requests/period', where period can be any of the following:

Now, we will configure throttling policies for the class-based views related to game categories. We will override the value for the throttle_scope and throttle_classes class attributes for the GameCategoryList and GameCategoryDetail classes. First, we have to add the following import statement after the last import in the views.py file. The code file for the sample is included in the restful_python_chapter_04_01 folder:

from rest_framework.throttling import ScopedRateThrottle 

The following lines show the new code for the GameCategoryList class in the views.py file. The new lines are highlighted. The code file for the sample is included in the restful_python_chapter_04_01 folder:

class GameCategoryList(generics.ListCreateAPIView): 
    queryset = GameCategory.objects.all() 
    serializer_class = GameCategorySerializer 
    name = 'gamecategory-list' 
    throttle_scope = 'game-categories' 
    throttle_classes = (ScopedRateThrottle,)

The following lines show the new code for the GameCategoryDetail class in the views.py file. The new lines are highlighted in the following code. The code file for the sample is included in the restful_python_chapter_04_01 folder:

class GameCategoryDetail(generics.RetrieveUpdateDestroyAPIView): 
    queryset = GameCategory.objects.all() 
    serializer_class = GameCategorySerializer 
    name = 'gamecategory-detail' 
    throttle_scope = 'game-categories' 
    throttle_classes = (ScopedRateThrottle,)

We added the same lines in the two classes. We set 'game-categories' as the value for the throttle_scope class attribute and we included ScopedRateThrottle in the tuple that defines the value for throttle_classes. This way, the two class-based views will use the settings specified for the 'game-categories' scope and the ScopeRateThrottle class for throttling. These views will be able to serve 30 requests per hour and won't take into account the global settings that apply to the default classes that we use for throttling: AnonRateThrottle and UserRateThrottle.

Before Django runs the main body of a view, it performs the checks for each throttle class specified in the throttle classes. In the views related to the game categories, we wrote code that overrides the default settings. If a single throttle check fails, the code will raise a Throttled exception and Django won't execute the main body of the view. The cache is responsible of storing previous requests' information for throttling checking.