giteacraftr.sxr08/greenlight
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enforcing a global rate limit.

Browse Source
This commit is contained in:
Maxime Delporte
2025-11-16 10:36:36 +01:00
parent e93375d441
commit 8b0c51123f
5 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
cmd/api/errors.go
View File

@@ -61,3 +61,8 @@ func (app *application) editConflictResponse(w http.ResponseWriter, r *http.Requ
message := "unable to update the record due to an edit conflict, please try again"
app.errorResponse(w, r, http.StatusConflict, message)
}
func (app *application) rateLimitExceededResponse(w http.ResponseWriter, r *http.Request) {
message := "rate limit exceeded"
app.errorResponse(w, r, http.StatusTooManyRequests, message)
}

17
cmd/api/middleware.go
View File

@@ -2,6 +2,7 @@ package main
import (
"fmt"
"golang.org/x/time/rate"
"net/http"
)
@@ -22,3 +23,19 @@ func (app *application) recoverPanic(next http.Handler) http.Handler {
next.ServeHTTP(w, r)
})
}
func (app *application) rateLimit(next http.Handler) http.Handler {
// Initialize a new rate limiter which allows an overage of 2 requests per second, with a maximum of 4 requests in a single `burst`
limiter := rate.NewLimiter(2, 4)
// The function we are returning is a closure, which 'closes over' the limiter variable
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Call limiter.Allow() to see if the request is permitted, and if it's not, then we call the rateLimitExceededResponse() helper to return a 429 Too Many Requests response (we will create this helper in a minute).
if !limiter.Allow() {
app.rateLimitExceededResponse(w, r)
return
}
next.ServeHTTP(w, r)
})
}

3
cmd/api/routes.go
View File

@@ -31,5 +31,6 @@ func (app *application) routes() http.Handler {
// Return the httprouter instance.
// Wrap the router with the panic recovery middleware
return app.recoverPanic(router)
// Wrap the router with the rateLimit() middleware
return app.recoverPanic(app.rateLimit(router))
}

1
go.mod
View File

@@ -5,4 +5,5 @@ go 1.25.1
require (
github.com/julienschmidt/httprouter v1.3.0 // indirect
github.com/lib/pq v1.10.9 // indirect
golang.org/x/time v0.14.0 // indirect
)

2
go.sum
View File

@@ -2,3 +2,5 @@ github.com/julienschmidt/httprouter v1.3.0 h1:U0609e9tgbseu3rBINet9P48AI/D3oJs4d
github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI=
golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4=