Rate limiting for flask applications
Project description
Flask-Limiter provides rate limiting features to Flask applications.
Sponsored by Zuplo a fully-managed API Gateway for developers. Add dynamic rate-limiting authentication and more to any API in minutes. Learn more at zuplo.com
You can configure rate limits at different levels such as:
Application wide global limits per user
Default limits per route
By Blueprints
Flask-Limiter can be configured to fit your application in many ways, including:
Persistance to various commonly used storage backends (such as Redis, Memcached & MongoDB) via limits
Any rate limiting strategy supported by limits
Follow the quickstart below to get started or read the documentation for more details.
Quickstart
Install
pip install Flask-Limiter
Add the rate limiter to your flask app
# app.py
from flask import Flask
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address
app = Flask(__name__)
limiter = Limiter(
app,
key_func=get_remote_address,
default_limits=["2 per minute", "1 per second"],
storage_uri="memory://",
# Redis
# storage_uri="redis://localhost:6379",
# Redis cluster
# storage_uri="redis+cluster://localhost:7000,localhost:7001,localhost:70002",
# Memcached
# storage_uri="memcached://localhost:11211",
# Memcached Cluster
# storage_uri="memcached://localhost:11211,localhost:11212,localhost:11213",
# MongoDB
# storage_uri="mongodb://localhost:27017",
strategy="fixed-window", # or "moving-window"
)
@app.route("/slow")
@limiter.limit("1 per day")
def slow():
return "24"
@app.route("/fast")
def fast():
return "42"
@app.route("/ping")
@limiter.exempt
def ping():
return 'PONG'
Inspect the limits using the command line interface
$ FLASK_APP=app:app flask limiter list
app
├── fast: /fast
│ ├── 2 per 1 minute
│ └── 1 per 1 second
├── ping: /ping
│ └── Exempt
└── slow: /slow
└── 1 per 1 day
Run the app
$ FLASK_APP=app:app flask run
Test it out
The fast endpoint respects the default rate limit while the slow endpoint uses the decorated one. ping has no rate limit associated with it.
$ curl localhost:5000/fast
42
$ curl localhost:5000/fast
42
$ curl localhost:5000/fast
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>429 Too Many Requests</title>
<h1>Too Many Requests</h1>
<p>2 per 1 minute</p>
$ curl localhost:5000/slow
24
$ curl localhost:5000/slow
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>429 Too Many Requests</title>
<h1>Too Many Requests</h1>
<p>1 per 1 day</p>
$ curl localhost:5000/ping
PONG
$ curl localhost:5000/ping
PONG
$ curl localhost:5000/ping
PONG
$ curl localhost:5000/ping
PONG
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for Flask_Limiter-2.9.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 64c6456204d88006324127071598a04cdd77be1576e00e8f5b74fad80925ea37 |
|
MD5 | dbcdeacc9fa360949eb9a62ddd20cfe2 |
|
BLAKE2b-256 | ddab7326f9851b587c219effc350fc811dbe54318e67aa82a169ebb6c56fe705 |