#rate-limiting #limiter #redis

limitation

A rate limiter using a fixed window counter for arbitrary keys, backed by Redis

2 releases

0.1.1 Oct 20, 2019
0.1.0 Oct 20, 2019

#1001 in Asynchronous


Used in 2 crates (via limitation-actix-middlewa…)

MPL-2.0 license

40KB
273 lines

limitation

CI CI Status
Latest Version Latest version
Documentation Documentation
Crate Downloads Crate downloads
License Crate license

Table of Contents

A rate limiter using a fixed window counter for arbitrary keys, backed by Redis.

About

This library provides a fixed window counter for arbitrary keys backed by a Redis instance. The period length and per-period maximum limit are configurable on setup. The communication with the backend is performing in a non-blocking, asynchronous fashion allowing the library to pair with other async frameworks such as Tokio, Actix, etc.

Note: Currently pre-async/await Futures are used (that is Futures 0.1.x) but that may be upgraded in the near future as the Rust 1.39.0 release is near.

Usage

Add limitation to your Cargo.toml:

[dependencies]
limitation = "0.1.1"

Quick Example

The primary type is the Limiter which uses a builder to construct itself. Once built, use the count method with a key representing a user, a session, an interaction, etc. Note that count is a Future and therefore has to be driving to completion with a runtime. For example, to run one count on a key of "10.0.0.5":

use limitation::Limiter;
use futures::Future;

// Build a Limiter with a default rate with a local running Redis instance
let limiter = Limiter::build("redis://127.0.0.1/").finish()?;
// The key to count and track
let key = "10.0.0.5";

// Start and run a Tokio runtime to drive the Future to completion
tokio::run(
    limiter
        // Count returns a Status if the key is under the limit and an `Error::LimitExceeded`
        // containing a Status if the limit has been exceeded
        .count(key)
        // This example deals with both limit exceeded and any Redis connection issues. In this
        // case we'll print the error to the standard error stream to show the current limit
        // status
        .map_err(|err| eprintln!("err: {}", err))
        // In this case we are under the limit and can print out the limit status to the
        // standard output stream
        .and_then(|status| {
            println!("ok: {:?}", status);
            Ok(())
        }),
);

The Limiter Builder

The builder for the Limiter has 2 settings which can be customized to the use case:

  • limit: The high water mark for number of requests in the period. The default is 5000.
  • period: A Duration for the period window. The default is 60 minutes.
use limitation::Limiter;
use std::time::Duration;

let limiter = Limiter::build("redis://127.0.0.1/")
    .limit(5)
    .period(Duration::from_secs(10))
    .finish()?;

Examples

A simple example that uses this library can be found in limitation-example.

The primary inspiration for the implementation was a blog post called An alternative approach to building a simple API Rate limiter using NodeJS and Redis by Atul R.

Other research and references used for this library:

Ideas and Future Work

These are some ideas and potential future work for this project. If you're reading this then maybe you're curious or interesting in helping out? Great! Be sure to check out the Contributing section and dig in!

  • Investigate and offer alternative rate-limiting algorithms, notably a Sliding Window solution.
  • Add async Redis connection pooling with the bb8 and bb8-redis crates to reduce connection establishment delays.
  • Add a status method on Limiter which returns they key's Status without counting a request.
  • Add RedisServer support in an integration testing suite, similar to the infrastructure in the redis crate.

CI Status

Build (master branch)

Operating System Stable Rust Nightly Rust MSRV
FreeBSD FreeBSD Stable Build Status FreeBSD Nightly Build Status FreeBSD Oldest Build Status
Linux Linux Stable Build Status Linux Nightly Build Status Linux Oldest Build Status
macOS macOS Stable Build Status macOS Nightly Build Status macOS Oldest Build Status
Windows Windows Stable Build Status Windows Nightly Build Status Windows Oldest Build Status

Test (master branch)

Operating System Stable Rust Nightly Rust MSRV
FreeBSD FreeBSD Stable Test Status FreeBSD Nightly Test Status FreeBSD Oldest Test Status
Linux Linux Stable Test Status Linux Nightly Test Status Linux Oldest Test Status
macOS macOS Stable Test Status macOS Nightly Test Status macOS Oldest Test Status
Windows Windows Stable Test Status Windows Nightly Test Status Windows Oldest Test Status

Check (master branch)

Status
Lint Lint Status
Format Format Status

Code of Conduct

This project adheres to the Contributor Covenant code of conduct. By participating, you are expected to uphold this code. Please report unacceptable behavior to fnichol@nichol.ca.

Issues

If you have any problems with or questions about this project, please contact us through a GitHub issue.

Contributing

You are invited to contribute to new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.

Before you start to code, we recommend discussing your plans through a GitHub issue, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.

Release History

See the changelog for a full release history.

Authors

Created and maintained by Fletcher Nichol (fnichol@nichol.ca).

License

Licensed under the Mozilla Public License Version 2.0 (LICENSE.txt).

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the MPL-2.0 license, shall be licensed as above, without any additional terms or conditions.

Dependencies

~10MB
~171K SLoC