ratelimit

package
v2.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 2, 2026 License: Apache-2.0 Imports: 9 Imported by: 1

Documentation

Overview

Package ratelimit provides stable rate-limit middleware over ports.RateLimiter.

The middleware owns HTTP behavior while storage and quota decisions stay behind the RateLimiter port. Use contrib adapters for concrete stores, and keep dangerous local bypass configuration restricted to trusted proxies.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type KeyFn 

type KeyFn func(*http.Request) string

KeyFn extracts a key for rate limiting buckets.

type Middleware 

type Middleware struct {
	// contains filtered or unexported fields
}

Middleware enforces in-memory token bucket rate limits.

func New 

func New(opts Options) (*Middleware, error)

New constructs a rate limiting middleware with defaults.

func (*Middleware) Handler 

func (m *Middleware) Handler(next http.Handler) http.Handler

Handler wraps the next handler with rate limiting logic.

func (*Middleware) Middleware 

func (m *Middleware) Middleware() func(http.Handler) http.Handler

Middleware implements ports.Middleware via Handler adapter.

type Options 

type Options struct {
	Capacity   float64 // tokens
	RefillRate float64 // tokens per second
	Key        KeyFn   // how to key buckets
	RetryAfter time.Duration
	Clock      ports.Clock
	// Limiter overrides the default in-memory limiter with a shared limiter.
	Limiter ports.RateLimiter
	// ClientIPResolver derives client identity from trusted proxies.
	ClientIPResolver identity.Resolver
	// StateTTL evicts buckets that have been idle for this duration.
	StateTTL time.Duration
	// CleanupInterval controls how often eviction runs.
	CleanupInterval time.Duration

	// SkipEnabled toggles honoring the SkipHeader. Useful for tests/dev.
	SkipEnabled bool
	// SkipHeader contains the header name that, when present, bypasses limiting.
	// When empty, no bypass is applied.
	SkipHeader string
	// AllowDangerousDevBypasses enables skip headers only when request comes from trusted proxies.
	AllowDangerousDevBypasses bool
	// FailOpen controls whether requests pass through when limiter errors.
	FailOpen bool
	// OnError receives limiter errors, when present.
	OnError func(error)
}

Options configures the rate limit middleware.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.