Feature: Add API Rate Limiting #22
Labels
No labels
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
psycodepath/hrp#22
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Motivation
To protect the application and database from abuse or excessive requests (DoS), we should restrict the rate of incoming API calls per client/IP/user.
Description
Implement a rate-limiting middleware using a Token Bucket or Leaky Bucket algorithm (stored in SQLite or memory) protecting the
/api/v1/*routes.User Story
As a system administrator, I want the REST API to rate-limit requests so that a buggy script or malicious user cannot overwhelm the server.
Gherkin Feature
Acceptance Criteria
/api/v1/*endpoints.X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset) returned in the response.