High-performance async rate limiter for FastAPI with Redis or native in-memory backend
Project description
fastapi‑easylimiter
Simple ASGI async rate-limiting middleware for FastAPI with Redis or in-memory caching. Designed to handle auto-generated routes (such as those provided by FastAPI-Users) without requiring decorators.
Features
- Async rate limiting
- Cache
- Redis
- In-Memory (single worker dev)
- Path Based Rules
- Multi-rule prefix matching
- Capable of global rate-limits and per-route
- Standard rate-limit headers
X-RateLimit-LimitX-RateLimit-RemainingX-RateLimit-Reset- Retry-After on
429responses - Tracking for remaining time sent in headers
- Proxy Aware
- Uses
'X-Forwarded-For'only when the sender is trusted - Rejects spoofed XFF headers
- Uses
'CF-Connecting-IP'when trusted requests pass through Cloudflare - Falls back to ASGI scope["client"] if no trusted headers exist
- Uses
- Zero Dependencies Beyond Redis Client
- Starlette-style ASGI middleware
Installation
pip install fastapi-easylimiter
Usage
from fastapi import FastAPI
from fastapi_easylimiter import AsyncRedisBackend, InMemoryBackend, RateLimiterMiddleware
import redis.asyncio as redis_async
app = FastAPI()
REDIS_URL = "redis://localhost:6379/0"
# Redis backend (recommended for multi-instance deployments)
redis_client = redis_async.from_url(REDIS_URL, decode_responses=True)
backend = AsyncRedisBackend(redis_client)
# Or for single-instance/local development:
# backend = InMemoryBackend()
rules = {
"/api/": {"limit": 60, "period": 60},
"/api/users": {"limit": 1, "period": 2},
}
app.add_middleware(
RateLimiterMiddleware,
rules=rules,
backend=backend,
trusted_proxies=["127.0.0.1"]
)
Rules are automatically sorted longest-first as seen in the code example.
A request to /api/users/me will match:
- /api/users
- /api
Both rules count independently.
If ANY rule is exceeded → request becomes 429.
Uses Atomic LUA script:
local count = redis.call('INCR', key)
if count == 1 then redis.call('EXPIRE', key, period) end
Keys follow the pattern - rl:{client_ip}:{prefix}, which is saved as rl:203.0.113.5:/api
| Parameter | Type | Description |
|---|---|---|
app |
ASGIApp | FastAPI/ASGI app |
rules |
dict | { prefix: {"limit": int, "period": int} } |
backend |
Redis or InMemory backend | Rate-limit storage |
trusted_proxies |
list[str] | Proxies allowed to send real client IP |
Contributing
Contributions and forks are always welcome! Feel free to adapt, improve, or extend this middleware for your own needs. This was purely made out of personal necessity.
Support
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file fastapi_easylimiter-0.2.4.tar.gz.
File metadata
- Download URL: fastapi_easylimiter-0.2.4.tar.gz
- Upload date:
- Size: 5.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0090b0a8c2aa9918f6da3c262514ba4ef026dbf4f01730714d80be75f6e72152
|
|
| MD5 |
476277ff7d836492792429031d2d9e37
|
|
| BLAKE2b-256 |
b77706bd2804f34aa3f065fe20e2e5e8dbfeff08b1d90a8e575dbcc293708d18
|
File details
Details for the file fastapi_easylimiter-0.2.4-py3-none-any.whl.
File metadata
- Download URL: fastapi_easylimiter-0.2.4-py3-none-any.whl
- Upload date:
- Size: 6.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dfd3a7f61d68d5e581c65fcf6f9a338f80ea58bd93b20770958f3cf2e58da5f4
|
|
| MD5 |
5932a94a4cf7ead66a0e2f5e7aadb231
|
|
| BLAKE2b-256 |
fe36df21887397f25484aba138d8f0cdeaf7adc67a2aa91f56d54f73c33c2ee6
|
