FastAPI middleware for IP-based rate limiting using Redis, with configurable request limits and time windows.
Project description
FastAPI Rate Limiter Middleware
Project Description
This project implements a Rate Limiting Middleware for a FastAPI application. The middleware restricts how many requests a client (identified by IP address) can make within a defined time window. It helps protect your API from abuse, excessive traffic, and denial-of-service (DoS) attacks by throttling requests at the middleware level before they reach the main application logic.
Key Features
- 🔒 Per-IP Rate Limiting: Limits each unique IP address to a fixed number of requests within a given time window.
- ⏱️ Configurable Limits: Easily set the number of allowed requests and time window (e.g., 5 requests per 60 seconds).
- 🧠 Smart Storage with Redis: Uses Redis to efficiently store and manage request counters with TTL (time-to-live).
- 📉 Fail-Open Strategy: If Redis is unavailable, the middleware gracefully lets requests through to avoid blocking legitimate users.
- 🔄 Auto Reset: Counters reset automatically after the time window expires.
- 📦 Reusable Component: Designed as a plug-and-play middleware class for any FastAPI project.
How It Works
- When a request comes in, the middleware checks the client’s IP address.
- It creates or updates a Redis key that tracks the number of requests from that IP.
- If the request count exceeds the allowed limit:
- The request is rejected with HTTP
429 Too Many Requests. - A message is returned including the
retry_after_secondsfield indicating how long to wait before retrying.
- The request is rejected with HTTP
- If under the limit, the request proceeds normally to the API endpoint.
Tech Stack
| Technology | Purpose |
|---|---|
| FastAPI | Web framework for building APIs |
| Redis | In-memory data store for counters |
| Uvicorn | ASGI server to run the FastAPI app |
| Starlette | Base for FastAPI and middleware |
Example
# main.py
from fastapi import FastAPI
from fastapi_rlr import RateLimiterMiddleware
app = FastAPI()
# Add middleware with Redis URL
app.add_middleware(
RateLimiterMiddleware,
redis_url="redis://localhost:6379", # Adjust to your Redis config
max_requests=5,
window_seconds=60
)
@app.get("/")
async def root():
return {"message": "Hello, World!"}
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file fastapi_rlr-0.1.0.tar.gz.
File metadata
- Download URL: fastapi_rlr-0.1.0.tar.gz
- Upload date:
- Size: 2.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.7.21
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e3f36ad44a8447e929463a75c0c1b96dcb62f8b1b4ed4fb0340275efc5204c09
|
|
| MD5 |
60e8ae32b6999e0a9aae53d9e6c1c02a
|
|
| BLAKE2b-256 |
dbb1fbc319e58b6629ad17b995fb32a7bb9152ff23fcd15a059fdd798ff1e973
|
File details
Details for the file fastapi_rlr-0.1.0-py3-none-any.whl.
File metadata
- Download URL: fastapi_rlr-0.1.0-py3-none-any.whl
- Upload date:
- Size: 2.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.7.21
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fa6dce178146a35d074483b05fbcd262dced871e971358d833386d19bac6ea66
|
|
| MD5 |
a100b10eaab138291976f158f0b8cb9a
|
|
| BLAKE2b-256 |
2c0f3279c303d623fb05ac92863c30a6efd65177b55290fec18b1e1bc6fea853
|
