About

A configurable (yet still simple) set of middleware that makes it easy to limit user requests (typically for an api)
based on a # / hour limit. Combined with other middleware it’d be easy to do routing.

Usage

It accepts a variety of hash-style options, with defaults specified in RedisRequestLimiter::DEFAULT_OPTIONS:

1. :per_user_limit – the number of requests / period a user normally can use, Defaults to 100
2. :reset_requests_every – Number of seconds to reset after (Defaults to 5 minutes)
3. :override_limit_proc – proc returning [limit_count, reset_every] ([nil, nil] to use defaults) based on a specified env
4. :redis_rate_key – the default redis key prefix, api-requests out of the box
5. :header_status_prefix – prefix for the added api limit headers, defaults to X-API-Limit
6. :env_to_api_key_proc – returns a string to use in the key per-user, defaults to the requester’s IP
7. :limiter_app – a rack app that is called when limited.

Additionally, RedisRequestLimiter.redis(=) is defined to let you set a default Redis client