Commit 208c6cc
feat: Enhanced rate limiting system
Implements issue #15 - API Rate Limiting
Features:
- Multi-tier rate limiting:
  - Global rate limiting across all clients
  - Per-IP rate limiting
  - Per-user/API key rate limiting
  - Per-endpoint rate limiting with custom limits
- Configurable limits per endpoint:
  - Health check: 600/min (permissive)
  - Search: 60/min (moderate)
  - Create server: 30/min (strict)
  - Delete server: 10/min (very strict)
  - Security tests: 10/min (resource intensive)
  - Auth login: 20/min (brute force prevention)
  - Auth register: 10/min (spam prevention)
- Rate limit response headers:
  - X-RateLimit-Limit
  - X-RateLimit-Remaining
  - X-RateLimit-Reset
  - Retry-After
- Memory management:
  - Automatic cleanup of stale entries
  - Configurable TTL for entries
  - Stats endpoint for monitoring
- Management API:
  - GET /api/v1/rate-limit/stats
  - GET /api/v1/rate-limit/config
  - PUT /api/v1/rate-limit/config
Closes #15
1 parent 8de1caa commit 208c6cc
1 file changed, +609 -0 lines changed
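The tiers and headers listed in the commit message, sketched as an added example that is not the project's code (the 609-line change itself is not shown on this page). It checks every tier before advancing any counter, so a rejected request does not consume budget in the other tiers. Assumptions: a fixed 60-second window, the endpoint key names, a per-IP scope for the endpoint tier, the global/per-IP/per-user limits, the TTL value, and `X-RateLimit-Reset` as an epoch timestamp.

```python
import math
import time

# Endpoint limits are the commit's; key names, WINDOW, other limits and TTL are assumptions.
ENDPOINT_LIMITS = {"health": 600, "search": 60, "create_server": 30, "delete_server": 10,
                   "security_test": 10, "auth_login": 20, "auth_register": 10}
WINDOW = 60  # seconds, fixed window

class TieredLimiter:
    def __init__(self, global_limit=5000, ip_limit=300, user_limit=300, ttl=300, clock=time.time):
        self.limits = {"global": global_limit, "ip": ip_limit, "user": user_limit}
        self.ttl, self.clock = ttl, clock
        self.counters = {}  # tier key -> (window_start, count)

    def check(self, ip, user, endpoint):
        """Return (allowed, headers); counters advance only if every tier admits the request."""
        now = self.clock()
        tiers = [(("global",), self.limits["global"]), (("ip", ip), self.limits["ip"]),
                 (("endpoint", endpoint, ip), ENDPOINT_LIMITS[endpoint])]
        if user is not None:
            tiers.append((("user", user), self.limits["user"]))
        state = []
        for key, limit in tiers:
            start, count = self.counters.get(key, (now, 0))
            if now - start >= WINDOW:  # window expired, start a fresh one
                start, count = now, 0
            state.append((limit, start, count, key))
        blocked = [s for s in state if s[2] >= s[0]]
        if blocked:
            # Report the exhausted tier that resets last, so Retry-After is not too early.
            limit, start, _, _ = max(blocked, key=lambda s: s[1])
            return False, self._headers(limit, 0, start + WINDOW, start + WINDOW - now)
        for limit, start, count, key in state:
            self.counters[key] = (start, count + 1)
        # Report the tier with the least budget left after this request.
        limit, start, count, _ = min(state, key=lambda s: s[0] - s[2])
        return True, self._headers(limit, limit - count - 1, start + WINDOW)

    def _headers(self, limit, remaining, reset, retry_after=None):
        h = {"X-RateLimit-Limit": str(limit), "X-RateLimit-Remaining": str(remaining),
             "X-RateLimit-Reset": str(math.ceil(reset))}
        if retry_after is not None:
            h["Retry-After"] = str(max(1, math.ceil(retry_after)))
        return h

    def cleanup(self):  # drop entries older than ttl; returns how many were removed
        cutoff, before = self.clock() - self.ttl, len(self.counters)
        self.counters = {k: v for k, v in self.counters.items() if v[0] >= cutoff}
        return before - len(self.counters)
```

Passing a fake `clock` makes the window and TTL behaviour testable without sleeping.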