Skip to main content

Rate limiting for flask applications

Project description

docs ci codecov pypi license

Flask-Limiter adds rate limiting to Flask applications.

You can configure rate limits at different levels such as:

Flask-Limiter can be configured to fit your application in many ways, including:

  • Persistance to various commonly used storage backends (such as Redis, Memcached & MongoDB) via limits

  • Any rate limiting strategy supported by limits

Follow the quickstart below to get started or read the documentation for more details.

Quickstart

Install

pip install Flask-Limiter

Add the rate limiter to your flask app

# app.py

from flask import Flask
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address

app = Flask(__name__)
limiter = Limiter(
    get_remote_address,
    app=app,
    default_limits=["2 per minute", "1 per second"],
    storage_uri="memory://",
    # Redis
    # storage_uri="redis://localhost:6379",
    # Redis cluster
    # storage_uri="redis+cluster://localhost:7000,localhost:7001,localhost:70002",
    # Memcached
    # storage_uri="memcached://localhost:11211",
    # Memcached Cluster
    # storage_uri="memcached://localhost:11211,localhost:11212,localhost:11213",
    # MongoDB
    # storage_uri="mongodb://localhost:27017",
    strategy="fixed-window", # or "moving-window", or "sliding-window-counter"
)

@app.route("/slow")
@limiter.limit("1 per day")
def slow():
    return "24"

@app.route("/fast")
def fast():
    return "42"

@app.route("/ping")
@limiter.exempt
def ping():
    return 'PONG'

Inspect the limits using the command line interface

$ FLASK_APP=app:app flask limiter limits

app
├── fast: /fast
   ├── 2 per 1 minute
   └── 1 per 1 second
├── ping: /ping
   └── Exempt
└── slow: /slow
    └── 1 per 1 day

Run the app

$ FLASK_APP=app:app flask run

Test it out

The fast endpoint respects the default rate limit while the slow endpoint uses the decorated one. ping has no rate limit associated with it.

$ curl localhost:5000/fast
42
$ curl localhost:5000/fast
42
$ curl localhost:5000/fast
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>429 Too Many Requests</title>
<h1>Too Many Requests</h1>
<p>2 per 1 minute</p>
$ curl localhost:5000/slow
24
$ curl localhost:5000/slow
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>429 Too Many Requests</title>
<h1>Too Many Requests</h1>
<p>1 per 1 day</p>
$ curl localhost:5000/ping
PONG
$ curl localhost:5000/ping
PONG
$ curl localhost:5000/ping
PONG
$ curl localhost:5000/ping
PONG

Project details


Release history Release notifications | RSS feed

This version

3.12

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

flask_limiter-3.12.tar.gz (303.2 kB view details)

Uploaded Source

Built Distribution

flask_limiter-3.12-py3-none-any.whl (28.5 kB view details)

Uploaded Python 3

File details

Details for the file flask_limiter-3.12.tar.gz.

File metadata

  • Download URL: flask_limiter-3.12.tar.gz
  • Upload date:
  • Size: 303.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for flask_limiter-3.12.tar.gz
Algorithm Hash digest
SHA256 f9e3e3d0c4acd0d1ffbfa729e17198dd1042f4d23c130ae160044fc930e21300
MD5 ac7bbe62273238491193b4dd37f0ab27
BLAKE2b-256 707592b237dd4f6e19196bc73007fff288ab1d4c64242603f3c401ff8fc58a42

See more details on using hashes here.

Provenance

The following attestation bundles were made for flask_limiter-3.12.tar.gz:

Publisher: main.yml on alisaifee/flask-limiter

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file flask_limiter-3.12-py3-none-any.whl.

File metadata

  • Download URL: flask_limiter-3.12-py3-none-any.whl
  • Upload date:
  • Size: 28.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for flask_limiter-3.12-py3-none-any.whl
Algorithm Hash digest
SHA256 b94c9e9584df98209542686947cf647f1ede35ed7e4ab564934a2bb9ed46b143
MD5 c887d87662b755d1ab9c471f17f91502
BLAKE2b-256 66ba40dafa278ee6a4300179d2bf59a1aa415165c26f74cfa17462132996186b

See more details on using hashes here.

Provenance

The following attestation bundles were made for flask_limiter-3.12-py3-none-any.whl:

Publisher: main.yml on alisaifee/flask-limiter

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page