aiohttp-ratelimiter is a rate limiter for the aiohttp.web framework. This is a new library, and we are always looking for people to contribute. If you see something wrong with the code or want to add a feature, please create a pull request on our github.
Install from git
python -m pip install git+https://github.com/JGLTechnologies/aiohttp-ratelimiter
Install from pypi
python -m pip install aiohttp-ratelimiter
// if redis is being used
python -m pip install aiohttp-ratelimiter[redis]
// if memcached is being used
python -m pip install aiohttp-ratelimiter[memcached]
Example
from aiohttp import web
from aiohttplimiter import default_keyfunc, Limiter
from aiohttplimiter.redis_limiter import RedisLimiter
from aiohttplimiter.memcached_limiter import MemcachedLimiter
app = web.Application()
routes = web.RouteTableDef()
# In Memory
limiter = Limiter(keyfunc=default_keyfunc)
# Redis
limiter = RedisLimiter(keyfunc=default_keyfunc, uri="redis://localhost:6379")
# Memcached
limiter = MemcachedLimiter(keyfunc=default_keyfunc, uri="memcached://localhost:11211")
@routes.get("/")
# This endpoint can only be requested 1 time per second per IP address
@limiter.limit("1/second")
async def home(request):
return web.Response(text="test")
app.add_routes(routes)
web.run_app(app)You can exempt an IP from rate limiting using the exempt_ips kwarg.
from aiohttplimiter import Limiter, default_keyfunc
from aiohttp import web
app = web.Application()
routes = web.RouteTableDef()
# 192.168.1.245 is exempt from rate limiting.
# Keep in mind that exempt_ips takes a set not a list.
limiter = Limiter(keyfunc=default_keyfunc, exempt_ips={"192.168.1.245"})
@routes.get("/")
@limiter.limit("3/5minutes")
async def test(request):
return web.Response(text="test")
app.add_routes(routes)
web.run_app(app)You can create your own error handler by using the error_handler kwarg.
from aiohttplimiter import Allow, RateLimitExceeded, Limiter, default_keyfunc
from aiohttp import web
def handler(request: web.Request, exc: RateLimitExceeded):
# If for some reason you want to allow the request, return aiohttplimitertest.Allow().
if some_condition:
return Allow()
return web.Response(text=f"Too many requests", status=429)
limiter = Limiter(keyfunc=default_keyfunc, error_handler=handler)If multiple paths use one handler like this:
@routes.get("/")
@routes.get("/home")
@limiter.limit("5/hour")
def home(request):
return web.Response(text="Hello")Then they will have separate rate limits. To prevent this use the path_id kwarg.
@routes.get("/")
@routes.get("/home")
@limiter.limit("2/3days", path_id="home")
def home(request):
return web.Response(text="Hello")Views Example
@routes.view("/")
class Home(View):
@limiter.limit("1/second")
def get(self):
return web.Response(text="hello")