/ 
PAGI-Server-0.001004
/ PAGI::Middleware::RateLimit

NAME

PAGI::Middleware::RateLimit - Request rate limiting middleware

SYNOPSIS

use PAGI::Middleware::Builder;

my $app = builder {
    enable 'RateLimit',
        requests_per_second => 10,
        burst => 20,
        key_generator => sub  {
    my ($scope) = @_; $scope->{client}[0] };
    $my_app;
};

DESCRIPTION

PAGI::Middleware::RateLimit implements token bucket rate limiting per client. Clients exceeding the rate limit receive 429 Too Many Requests.

CONFIGURATION

  • requests_per_second (default: 10)

    Average requests allowed per second.

  • burst (default: 20)

    Maximum burst size (bucket capacity).

  • key_generator (default: client IP)

    Coderef to generate rate limit key from $scope.

  • backend (default: in-memory)

    Rate limit storage backend. Can be 'memory' or a custom object implementing get/set methods.

RATE LIMITING ALGORITHM

This middleware uses the token bucket algorithm:

  • Each client has a "bucket" that holds tokens

  • Tokens are added at a constant rate (requests_per_second)

  • The bucket has a maximum capacity (burst)

  • Each request consumes one token

  • If no tokens available, request is rejected

This allows short bursts of traffic while maintaining an average rate.

SEE ALSO

PAGI::Middleware - Base class for middleware