A rate limiting library for .Net projects.
Currently provides middleware for:
- AspNet Core
Available rate limiting strategies:
- Leaky Bucket
When a client exceeds their request limit, a 429 Too Many Requests status will be returned.
The middleware should be attached to the application as high in the order as possible, to intercept requests early.
For an example of how to configure the library, please see the example Startup.cs
By default client requests will be identified using the remote address of the request. To implement a custom identity provider, implement the IClientIdentityProvider interface and pass it in to the configuration.
If EnableHeaders is true headers will be added to all responses. These are dependant on the limiting strategy used.
For Leaky Bucket, the headers are:
RateLimit-Remaining - The remaining allowance
RateLimit-LeakRate - The rate at which tokens leak out of the bucket
RateLimit-LeakAmount - The number of tokens to leak at each interval
RateLimit-Cost - The number of tokens a single request costs
Using the HeaderPrefix setting, you can customize the prefix for these headers. The default prefix is X-.