Rate limiting for flask applications
Project description
Flask-Limiter provides rate limiting features to flask routes. It has support for a configurable backend for storage with current implementations for in-memory, redis and memcache.
Quickstart
Add the rate limiter to your flask app. The following example uses the default in memory implementation for storage.
from flask import Flask
from flask_limiter import Limiter
app = Flask(__name__)
limiter = Limiter(app, global_limits=["2 per minute", "1 per second"])
@app.route("/slow")
@limiter.limit("1 per day")
def slow():
return "24"
@app.route("/fast")
def fast():
return "42"
@app.route("/ping")
@limiter.exempt
def ping():
return 'PONG'
app.run()
Test it out. The fast endpoint respects the global rate limit while the slow endpoint uses the decorated one. ping has no rate limit associated with it.
$ curl localhost:5000/fast
42
$ curl localhost:5000/fast
42
$ curl localhost:5000/fast
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>429 Too Many Requests</title>
<h1>Too Many Requests</h1>
<p>2 per 1 minute</p>
$ curl localhost:5000/slow
24
$ curl localhost:5000/slow
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>429 Too Many Requests</title>
<h1>Too Many Requests</h1>
<p>1 per 1 day</p>
$ curl localhost:5000/ping
PONG
$ curl localhost:5000/ping
PONG
$ curl localhost:5000/ping
PONG
$ curl localhost:5000/ping
PONG
Changelog
0.4 2014-05-28
0.3.2 2014-05-26
Bug fix
Memory leak when using Limiter.storage.MemoryStorage (Issue 4.)
Improved test coverage
0.3.1 2014-02-20
Strict version requirement on six
documentation tweaks
0.3.0 2014-02-19
improved logging support for multiple handlers
allow callables to be passed to Limiter.limit decorator to dynamically load rate limit strings.
add a global kill switch in flask config for all rate limits.
Bug fixes
default key function for rate limit domain wasn’t accounting for X-Forwarded-For header.
0.2.2 2014-02-18
add new decorator to exempt routes from limiting.
Bug fixes
versioneer.py wasn’t included in manifest.
configuration string for strategy was out of sync with docs.
0.2.1 2014-02-15
python 2.6 support via counter backport
source docs.
0.2 2014-02-15
Implemented configurable strategies for rate limiting.
Bug fixes
better locking for in-memory storage
multi threading support for memcached storage
0.1.1 2014-02-14
Bug fixes
fix initializing the extension without an app
don’t rate limit static files
0.1.0 2014-02-13
first release.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.