api-rate-limiting

Solid

Implements API rate limiting using token bucket, sliding window, and Redis-based algorithms to protect against abuse. Use when securing public APIs, implementing tiered access, or preventing denial-of-service attacks.

API & Backend 162 stars 25 forks Updated 2 weeks ago MIT

Quality Score: 86/100

Stars (20%): 74
Recency (20%): 90
Frontmatter (20%): 70
Documentation (15%): 85
Issue Health (10%): 80
License (10%): 100
Description (5%): 100

Skill Content

# API Rate Limiting

Protect APIs from abuse using rate limiting algorithms with per-user and per-endpoint strategies.

## Algorithms

| Algorithm | Pros | Cons |
|-----------|------|------|
| Token Bucket | Handles bursts, smooth | Memory per user |
| Sliding Window | Accurate | Memory intensive |
| Fixed Window | Simple | Boundary spikes |

## Token Bucket (Node.js)

```javascript
class TokenBucket {
  constructor(capacity, refillRate) {
    this.capacity = capacity;     // maximum burst size
    this.tokens = capacity;       // start with a full bucket
    this.refillRate = refillRate; // tokens per second
    this.lastRefill = Date.now();
  }

  // Take one token if available; returns false when the caller should be throttled.
  consume() {
    this.refill();
    if (this.tokens >= 1) {
      this.tokens--;
      return true;
    }
    return false;
  }

  // Add tokens for the time elapsed since the last refill, capped at capacity.
  refill() {
    const now = Date.now();
    const elapsed = (now - this.lastRefill) / 1000;
    this.tokens = Math.min(this.capacity, this.tokens + elapsed * this.refillRate);
    this.lastRefill = now;
  }
}
```

## Express Middleware

```javascript
const express = require('express');
const rateLimit = require('express-rate-limit');

const app = express();

const limiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 100,                 // requests allowed per window
  standardHeaders: true,
  message: { error: 'Too many requests, try again later' }
});

app.use('/api/', limiter);
```

## Response Headers

```
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1705320000
Retry-After: 60
```

## Tiered Limits

| Tier | Requests/Hour |
|------|---------------|
| Free | 100 |
| Pro | 1,000 |
| Enterprise | 10,000 |

## Best Practices

-...
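
Added example, not part of the skill's own content: a per-client token bucket that takes its capacity from the Tiered Limits table and returns the headers listed under Response Headers. The class and method names, the injectable clock, the eviction sweep and the reading of `X-RateLimit-Reset` as the time the bucket is full again are assumptions.

```javascript
// Added example (not from the skill). Limits come from the page's tier table;
// class, method and parameter names are assumptions.
const TIERS = new Map([['free', 100], ['pro', 1000], ['enterprise', 10000]]);
const HOUR_MS = 3_600_000;

class TieredLimiter {
  constructor(now = () => Date.now()) {
    this.now = now;           // injectable millisecond clock, so behaviour is testable
    this.buckets = new Map(); // clientId -> { tokens, last }
  }

  // Decide one request; returns { allowed, status, headers }.
  check(clientId, tier) {
    // A Map lookup avoids inherited keys such as "constructor"; unknown tiers get Free.
    const capacity = TIERS.get(tier) ?? TIERS.get('free');
    const msPerToken = HOUR_MS / capacity; // full capacity is restored over one hour
    const t = this.now();
    const b = this.buckets.get(clientId) ?? { tokens: capacity, last: t };
    // Clamp elapsed time at 0 so a clock step backwards cannot remove tokens.
    const refill = Math.max(0, t - b.last) / msPerToken;
    b.tokens = Math.min(capacity, b.tokens + refill);
    b.last = t;
    const allowed = b.tokens >= 1;
    if (allowed) b.tokens -= 1;
    this.buckets.set(clientId, b);

    const fullAtMs = t + (capacity - b.tokens) * msPerToken;
    const headers = {
      'X-RateLimit-Limit': String(capacity),
      'X-RateLimit-Remaining': String(Math.floor(b.tokens)),
      'X-RateLimit-Reset': String(Math.ceil(fullAtMs / 1000)), // epoch s (assumed meaning)
    };
    if (!allowed) {
      // Seconds until one whole token is available again.
      headers['Retry-After'] = String(Math.ceil(((1 - b.tokens) * msPerToken) / 1000));
    }
    return { allowed, status: allowed ? 200 : 429, headers };
  }

  // Evict buckets idle for an hour: they would have refilled completely, and a
  // missing bucket already means "full", so eviction changes no decision.
  sweep() {
    const t = this.now();
    for (const [id, b] of this.buckets) {
      if (t - b.last >= HOUR_MS) this.buckets.delete(id);
    }
    return this.buckets.size;
  }
}
```

Calling `sweep()` on a timer bounds the "memory per user" cost noted in the Algorithms table; in an Express handler the returned `headers` object can be passed to `res.set()` before sending the 200 or 429.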

Details

Author: secondsky
Repository: secondsky/claude-skills
Created: 6 months ago
Last Updated: 2 weeks ago
Language: TypeScript
License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

rate-limiting-apis

Implement sophisticated rate limiting with sliding windows, token buckets, and quotas. Use when protecting APIs from excessive requests. Trigger with phrases like "add rate limiting", "limit API requests", or "implement rate limits".

2,274 Updated today
jeremylongshore
API & Backend Listed

api-rate-limiting

Design and implement API rate limiting — algorithm selection (token bucket, sliding window, fixed window), Redis-based distributed limiting, per-user and per-IP limits, rate limit headers, retry-after, and burst handling. Use when asked to "add rate limiting", "throttle requests", "too many requests", "429", "token bucket", "sliding window counter", "per-user quota", "API abuse", "burst traffic", or "rate limit this endpoint". Do NOT use for: load shedding at the infrastructure layer — that belongs in a load balancer or API gateway config, not application code.

3 Updated today
phamlongh230-lgtm
API & Backend Featured

implementing-api-rate-limiting-and-throttling

Implements API rate limiting and throttling controls using token bucket, sliding window, and fixed window algorithms to protect against brute force attacks, credential stuffing, resource exhaustion, and API abuse. The engineer configures per-user, per-IP, and per-endpoint rate limits using Redis-backed counters, API gateway plugins, or application middleware, and implements proper HTTP 429 responses with Retry-After headers. Activates for requests involving rate limiting implementation, API throttling setup, request quota management, or API abuse prevention.

13,115 Updated today
mukul975
AI & Automation Featured

implementing-api-abuse-detection-with-rate-limiting

Implement API abuse detection using token bucket, sliding window, and adaptive rate limiting algorithms to prevent DDoS, brute force, and credential stuffing attacks.

13,115 Updated today
mukul975
AI & Automation Featured

apollo-rate-limits

Implement Apollo.io rate limiting and backoff. Use when handling rate limits, implementing retry logic, or optimizing API request throughput. Trigger with phrases like "apollo rate limit", "apollo 429", "apollo throttling", "apollo backoff", "apollo request limits".

2,274 Updated today
jeremylongshore