https://github.com/mreshboboyev/api-rate-limiter
A robust and scalable API Rate Limiter implementation in .NET Core, supporting 4 algorithms (Fixed Window, Sliding Window, Token Bucket, Concurrency) with IP-based rate limiting. Built using Clean Architecture and integrated with Redis for distributed environments.
https://github.com/mreshboboyev/api-rate-limiter
api-security clean-architecture concurrency fixed-window ip-based-rate-limiting middleware rate-limiting redis security sliding-window throttling token-bucket
Last synced: 27 days ago
JSON representation
A robust and scalable API Rate Limiter implementation in .NET Core, supporting 4 algorithms (Fixed Window, Sliding Window, Token Bucket, Concurrency) with IP-based rate limiting. Built using Clean Architecture and integrated with Redis for distributed environments.
- Host: GitHub
- URL: https://github.com/mreshboboyev/api-rate-limiter
- Owner: MrEshboboyev
- Created: 2025-02-02T08:33:11.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-11-08T18:30:35.000Z (7 months ago)
- Last Synced: 2025-11-08T20:23:29.405Z (7 months ago)
- Topics: api-security, clean-architecture, concurrency, fixed-window, ip-based-rate-limiting, middleware, rate-limiting, redis, security, sliding-window, throttling, token-bucket
- Language: C#
- Homepage:
- Size: 45.9 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# ๐ API Rate Limiter - .NET 9
A powerful and scalable **API Rate Limiter** built with **.NET 9**, supporting multiple rate-limiting algorithms (**Fixed Window, Sliding Window, Token Bucket, Concurrency**) with **IP-based rate limiting**. Designed using **Clean Architecture** and integrated with **Redis** for distributed environments.
---
## ๐ Features
โ
**Multiple Rate-Limiting Algorithms**:
- **Fixed Window** ๐ โ Limits requests per fixed time window.
- **Sliding Window** ๐ โ Smooths request spikes with a rolling window.
- **Token Bucket** ๐ช โ Allows burstable traffic via token-based management.
- **Concurrency** ๐ โ Restricts simultaneous client connections.
โ
**IP-Based Rate Limiting** ๐ก โ Ensures fair request distribution across users.
โ
**Redis Integration** ๐ข๏ธ โ Enables scalable, distributed rate limiting.
โ
**Clean Architecture** ๐๏ธ โ Layered design following **best practices**.
โ
**Fully Configurable** ๐ง โ Manage rate limits in `appsettings.json`.
---
## ๐ ๏ธ Technologies Used
| Technology | Purpose |
|-------------|----------|
| **.NET 9** | Core framework |
| **Redis** | Distributed caching & rate limiting |
| **StackExchange.Redis** | Redis client for .NET |
| **MediatR** | CQRS pattern implementation |
| **Serilog** | Logging |
| **xUnit** | Unit testing framework |
| **Moq** | Mocking for unit tests |
---
## ๐๏ธ Clean Architecture Overview
๐ **This project follows Clean Architecture principles:**
```
๐ src/
โโโ ๐ App # Runnable and installers located web api
โโโ ๐ Domain # Business logic & entities
โโโ ๐ Application # Use cases, handlers, services
โโโ ๐ Infrastructure # Redis integration & rate-limiting logic
โโโ ๐ Persistence # EF Core integration & implementations
โโโ ๐ Presentation # API controllers & contracts
```
### โจ Benefits of Clean Architecture
- **Separation of Concerns** โ Organized and maintainable code.
- **Scalability** โ Easily extendable for new features.
- **Testability** โ Isolated business logic for robust unit tests.
---
## โก How It Works
### **1๏ธโฃ Fixed Window Algorithm**
- Restricts requests within a fixed time period.
- Example: `100 requests per minute`.
### **2๏ธโฃ Sliding Window Algorithm**
- Maintains a rolling window to smooth traffic bursts.
- Example: **Consider last `60 seconds` instead of resetting counters**.
### **3๏ธโฃ Token Bucket Algorithm**
- Allows controlled bursts of traffic.
- Example: **Users get `100 tokens`, refilling at `10/sec`**.
### **4๏ธโฃ Concurrency Algorithm**
- Limits the number of simultaneous API requests.
- Example: `Max 10 concurrent users`.
### **5๏ธโฃ IP-Based Rate Limiting**
- Identifies and restricts request flow per IP address.
- Ensures fair resource allocation across users.
---
## ๐ Getting Started
### ๐ Prerequisites
โ
[.NET 9 SDK](https://dotnet.microsoft.com/download/dotnet/9.0)
โ
[Redis](https://redis.io/download)
โ
[Visual Studio Code](https://code.visualstudio.com/)
โ
[Postman](https://www.postman.com/) (for API testing)
### ๐ง Installation & Setup
#### 1๏ธโฃ Clone the Repository
```sh
git clone https://github.com/MrEshboboyev/api-rate-limiter.git
cd src
```
#### 2๏ธโฃ Install Dependencies
```sh
dotnet restore
```
#### 3๏ธโฃ Run Redis in Docker
```sh
docker run -d -p 6379:6379 redis
```
#### 4๏ธโฃ Run the Application
```sh
dotnet run --project src/App
```
---
## ๐ง Configuration
Modify `appsettings.json` to configure rate limits:
```json
{
"RateLimitSettings": {
"FixedWindow": {
"PermitLimit": 100,
"WindowInSeconds": 60
},
"SlidingWindow": {
"PermitLimit": 100,
"WindowInSeconds": 60
},
"TokenBucket": {
"BucketSize": 100,
"RefillRate": 10
},
"Concurrency": {
"MaxConcurrentRequests": 10
}
}
}
```
---
## ๐ก API Endpoints
| Method | Endpoint | Description |
|--------|---------|-------------|
| **GET** | `/api/rate-limit/get-random` | Enabled endpoint for rate limiting |
| **POST** | `/api/rate-limit/get-random-two` | Disabled endpoint for rate limiting |
---
## ๐งช Testing
### ๐ Unit Tests
Run tests to validate the functionality:
```sh
dotnet test
```
### ๐ API Testing (Postman/cURL)
Send multiple requests to trigger rate limiting:
```sh
curl -X GET http://localhost:5000/api/rate-limit/test
```
โ
If rate limit is exceeded, youโll get **429 Too Many Requests**.
---
## ๐ค Contributing
Contributions are **welcome!** ๐ If you find any issues or have suggestions, feel free to **open an issue** or **submit a pull request**.
---
## ๐ License
This project is **MIT Licensed**. See the [LICENSE](LICENSE) file for details.
---
## ๐ Acknowledgments
Special thanks to:
- The **.NET** and **Redis** communities for excellent tools.
- Clean Architecture & Domain-Driven Design inspirations.
---
## โ๏ธ Contact
๐ฌ **GitHub**: [MrEshboboyev](https://github.com/MrEshboboyev)
๐ฌ **Email**: mreshboboyev@gmail.com
---
โญ **Star this repository** if you found it helpful! ๐