This repository serves as a practical implementation reference and study guide for various Rate Limiting algorithms. It contains both a working implementation of a rate limiter using FastAPI and Valkey (Redis), as well as comprehensive documentation explaining the theory behind different rate limiting strategies.
- API Server (
/api-server): A Python FastAPI application that implements a customValkeyRateLimitMiddleware. It demonstrates how to apply rate limits based on user IDs. - Infrastructure (
docker-compose.yaml): Docker-ready setup that spins up the FastAPI application alongside Valkey and Keycloak (for authentication). - Test Suite (
test_client.py): A script to test the rate-limiting functionality under load, verifying that exactly the right amount of requests are allowed through.
The documentation explores the following rate limiting strategies:
- Fixed Window Counter
- Sliding Window Log
- Sliding Window Counter
- Token Bucket
- Leaky Bucket
You can view the full documentation site here, or by navigating directly to the /docs folder in this repository.
- Docker and Docker Compose
- Python 3.10+ (for running the test client locally)
-
Start the infrastructure (FastAPI, Valkey, Keycloak):
docker compose up --build -d
-
The API will be available at
http://localhost:8000.
To see the rate limiting in action, you can run the provided test script. It will attempt to burst requests to the API and print out which requests succeed (200 OK) and which are throttled (429 Too Many Requests).
# Install dependencies using uv
uv init
uv add requests
# Run the test
uv run test_client.py