I am trying to implement rate limiting for requests in Sanic. Unfortunately, the sanic-limiter package on PyPI has not been maintained for years and is not working with current Sanic versions.
I found some GitHub fork of that package, which can be used to set a global request limit by defining a limiter:
limiter = Limiter(
app,
global_limits = [
"1 per second",
"500 per day"
],
key_func = get_remote_address
)
I couldn't get other parts of the exampes working; thus, I assume that version of sanic-limiter is also not fully compatible with current Sanic versions.
According to the description, sanic-limiter is supposed to be the Sanic version of Flask-Limiter, which is linked in the references of the repo.
Flask-Limiter provided the functionality I am interested in, as described in the docs:
@app.after_request
def add_headers(response):
if limiter.current_limit:
response.headers["RemainingLimit"] = limiter.current_limit.remaining
response.headers["ResetAt"] = limiter.current_limit.reset_at
response.headers["MaxRequests"] = limiter.current_limit.limit.amount
response.headers["WindowSize"] = limiter.current_limit.limit.get_expiry()
response.headers["Breached"] = limiter.current_limit.breached
return response
I tried to translate this into Sanic like this:
@app.middleware("response")
async def add_headers(request, response):
if limiter.current_limit:
response.headers["RemainingIDs"] = str(
limiter.current_limit.remaining
)
response.headers["ResetAt"] = str(
limiter.current_limit.reset_at
)
return response
but the limiter apparently does not have those attributes.
Now, I wondered whether anybody got some rate limit working on a current Sanic version and knows how to return the number of remaining requests. Unfortunately, sanic-limiter is barely documented and probably does not provide all required functionalities. So, maybe you know an alternative to sanic-limiter or some work-around?