Sliding-window rate limiter built on powpow's event loop.
Usage: let server = newHttpServer() let rl = newRateLimiter(server.getLoop(), maxRequests = 100, windowMs = 60_000) server.handler = proc(req: HttpRequest, res: HttpResponse) {.gcsafe.} = if not rl.check(req, res): return res.status(Http200).send("Hello!")
Types
RateLimiter = ref object loop*: Loop
Procs
proc allow(rl: RateLimiter; ip: string): bool {....raises: [], tags: [TimeEffect], forbids: [].}
- Check if a request from ip is allowed. Returns true if within the rate limit, false if the limit has been exceeded.
proc check(rl: RateLimiter; req: HttpRequest; res: HttpResponse): bool {. ...raises: [KeyError, OSError], tags: [TimeEffect], forbids: [].}
- Convenience: calls allow with req.getClientIp(). If denied, sends HTTP 429 and returns false.
proc newRateLimiter(loop: Loop; maxRequests: int; windowMs: int; enableCleanup = true): RateLimiter {....raises: [], tags: [TimeEffect], forbids: [].}
- Create a sliding-window rate limiter. maxRequests per windowMs per unique client IP. When enableCleanup is true (default), a periodic timer sweeps stale buckets from memory.