├── .gitattributes
├── .github
├── dependabot.yml
└── workflows
│ ├── build.yml
│ ├── nuget_push.yml
│ └── nuget_push_aspnetcore.yml
├── .gitignore
├── LICENSE
├── README.md
├── RedisRateLimiting.sln
├── docs
├── concurrency.png
├── concurrent.excalidraw
├── fixed_window.excalidraw
├── fixed_window.png
├── sliding_window.excalidraw
├── sliding_window.png
├── token_bucket.excalidraw
└── token_bucket.png
├── src
├── RedisRateLimiting.AspNetCore
│ ├── PolicyNameKey.cs
│ ├── RateLimitHeaders.cs
│ ├── RateLimitMetadata.cs
│ ├── RedisRateLimiterOptionsExtensions.cs
│ └── RedisRateLimiting.AspNetCore.csproj
└── RedisRateLimiting
│ ├── Concurrency
│ ├── RedisConcurrencyManager.cs
│ ├── RedisConcurrencyRateLimiter.cs
│ └── RedisConcurrencyRateLimiterOptions.cs
│ ├── FixedWindow
│ ├── RedisFixedWindowManager.cs
│ ├── RedisFixedWindowRateLimiter.cs
│ └── RedisFixedWindowRateLimiterOptions.cs
│ ├── RateLimitMetadataName.cs
│ ├── RedisRateLimitPartition.cs
│ ├── RedisRateLimiterOptions.cs
│ ├── RedisRateLimiting.csproj
│ ├── SlidingWindow
│ ├── RedisSlidingWindowManager.cs
│ ├── RedisSlidingWindowRateLimiter.cs
│ └── RedisSlidingWindowRateLimiterOptions.cs
│ └── TokenBucket
│ ├── RedisTokenBucketManager.cs
│ ├── RedisTokenBucketRateLimiter.cs
│ └── RedisTokenBucketRateLimiterOptions.cs
└── test
├── RedisRateLimiting.Sample.AspNetCore
├── Controllers
│ ├── ClientsController.cs
│ ├── ConcurrencyController.cs
│ ├── FixedWindowController.cs
│ ├── SlidingWindowController.cs
│ └── TokenBucketController.cs
├── Database
│ └── SampleDbContext.cs
├── Migrations
│ ├── 20221113165632_DatabaseStructure.Designer.cs
│ ├── 20221113165632_DatabaseStructure.cs
│ └── SampleDbContextModelSnapshot.cs
├── Program.cs
├── Properties
│ └── launchSettings.json
├── RedisRateLimiting.Sample.AspNetCore.csproj
├── Samples
│ └── ClientIdRateLimiterPolicy.cs
├── WeatherForecast.cs
├── appsettings.Development.json
└── appsettings.json
└── RedisRateLimiting.Tests
├── ClientIdPolicyIntegrationTests.cs
├── ConcurrencyIntegrationTests.cs
├── FixedWindowIntegrationTests.cs
├── Helpers
└── AssertExtensions.cs
├── RedisRateLimiting.Tests.csproj
├── SlidingWindowIntegrationTests.cs
├── TokenBucketIntegrationTests.cs
├── UnitTests
├── ConcurrencyUnitTests.cs
├── FixedWindowUnitTests.cs
├── SlidingWindowUnitTests.cs
├── TestFixture.cs
└── TokenBucketUnitTests.cs
└── appsettings.json
/.gitattributes:
--------------------------------------------------------------------------------
1 | ###############################################################################
2 | # Set default behavior to automatically normalize line endings.
3 | ###############################################################################
4 | * text=auto
5 |
6 | ###############################################################################
7 | # Set default behavior for command prompt diff.
8 | #
9 | # This is need for earlier builds of msysgit that does not have it on by
10 | # default for csharp files.
11 | # Note: This is only used by command line
12 | ###############################################################################
13 | #*.cs diff=csharp
14 |
15 | ###############################################################################
16 | # Set the merge driver for project and solution files
17 | #
18 | # Merging from the command prompt will add diff markers to the files if there
19 | # are conflicts (Merging from VS is not affected by the settings below, in VS
20 | # the diff markers are never inserted). Diff markers may cause the following
21 | # file extensions to fail to load in VS. An alternative would be to treat
22 | # these files as binary and thus will always conflict and require user
23 | # intervention with every merge. To do so, just uncomment the entries below
24 | ###############################################################################
25 | #*.sln merge=binary
26 | #*.csproj merge=binary
27 | #*.vbproj merge=binary
28 | #*.vcxproj merge=binary
29 | #*.vcproj merge=binary
30 | #*.dbproj merge=binary
31 | #*.fsproj merge=binary
32 | #*.lsproj merge=binary
33 | #*.wixproj merge=binary
34 | #*.modelproj merge=binary
35 | #*.sqlproj merge=binary
36 | #*.wwaproj merge=binary
37 |
38 | ###############################################################################
39 | # behavior for image files
40 | #
41 | # image files are treated as binary by default.
42 | ###############################################################################
43 | #*.jpg binary
44 | #*.png binary
45 | #*.gif binary
46 |
47 | ###############################################################################
48 | # diff behavior for common document formats
49 | #
50 | # Convert binary document formats to text before diffing them. This feature
51 | # is only available from the command line. Turn it on by uncommenting the
52 | # entries below.
53 | ###############################################################################
54 | #*.doc diff=astextplain
55 | #*.DOC diff=astextplain
56 | #*.docx diff=astextplain
57 | #*.DOCX diff=astextplain
58 | #*.dot diff=astextplain
59 | #*.DOT diff=astextplain
60 | #*.pdf diff=astextplain
61 | #*.PDF diff=astextplain
62 | #*.rtf diff=astextplain
63 | #*.RTF diff=astextplain
64 |
--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
1 | version: 2
2 | updates:
3 | - package-ecosystem: nuget
4 | directory: "/"
5 | schedule:
6 | interval: weekly
7 | open-pull-requests-limit: 10
8 | assignees:
9 | - "cristipufu"
--------------------------------------------------------------------------------
/.github/workflows/build.yml:
--------------------------------------------------------------------------------
1 | name: SonarCloud
2 | on:
3 | push:
4 | branches:
5 | - master
6 | pull_request_target:
7 | types: [opened, synchronize, reopened]
8 | jobs:
9 | build:
10 | name: Build and analyze
11 | runs-on: windows-latest
12 | steps:
13 | - name: Set up JDK 17
14 | uses: actions/setup-java@v3
15 | with:
16 | distribution: 'zulu'
17 | java-version: '17'
18 | - uses: actions/checkout@v3
19 | with:
20 | fetch-depth: 0
21 | ref: ${{ github.event.pull_request.head.ref || github.ref }}
22 | - name: Cache SonarCloud packages
23 | uses: actions/cache@v3
24 | with:
25 | path: ~\sonar\cache
26 | key: ${{ runner.os }}-sonar
27 | restore-keys: ${{ runner.os }}-sonar
28 | - name: Cache SonarCloud scanner
29 | id: cache-sonar-scanner
30 | uses: actions/cache@v3
31 | with:
32 | path: .\.sonar\scanner
33 | key: ${{ runner.os }}-sonar-scanner
34 | restore-keys: ${{ runner.os }}-sonar-scanner
35 | - name: Install SonarCloud scanner
36 | if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
37 | shell: powershell
38 | run: |
39 | New-Item -Path .\.sonar\scanner -ItemType Directory
40 | dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner
41 | - name: Setup .NET 8
42 | uses: actions/setup-dotnet@v3
43 | with:
44 | dotnet-version: '8.0.100-rc.2.23502.2'
45 | - name: Build and analyze
46 | env:
47 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
48 | SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
49 | ConnectionStrings__Redis: ${{ secrets.REDIS }}
50 | shell: powershell
51 | run: |
52 | .\.sonar\scanner\dotnet-sonarscanner begin /k:"cristipufu_aspnetcore-redis-rate-limiting" /o:"cristipufu" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml
53 | dotnet tool install --global dotnet-coverage
54 | dotnet build --no-incremental --configuration Debug
55 | dotnet-coverage collect 'dotnet test --configuration Debug --no-build' -f xml -o 'coverage.xml'
56 | $testExitCode = $LASTEXITCODE
57 | .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
58 | if ($testExitCode -ne 0) { exit $testExitCode }
--------------------------------------------------------------------------------
/.github/workflows/nuget_push.yml:
--------------------------------------------------------------------------------
1 | name: NuGet Push
2 |
3 | on:
4 | workflow_dispatch:
5 |
6 | jobs:
7 | build:
8 | runs-on: ubuntu-latest
9 | name: Update NuGet package
10 | steps:
11 |
12 | - name: Checkout repository
13 | uses: actions/checkout@v1
14 |
15 | - name: Setup .NET Core @ Latest
16 | uses: actions/setup-dotnet@v4
17 | with:
18 | dotnet-version: '8.0.x'
19 |
20 | - name: Build and Publish
21 | run: |
22 | cd ./src/RedisRateLimiting/
23 | dotnet pack -c Release -o artifacts -p:PackageVersion=1.2.0
24 |
25 | - name: Push
26 | run: dotnet nuget push ./src/RedisRateLimiting/artifacts/RedisRateLimiting.1.2.0.nupkg -k ${{ secrets.NUGET_APIKEY }} -s https://api.nuget.org/v3/index.json
27 |
--------------------------------------------------------------------------------
/.github/workflows/nuget_push_aspnetcore.yml:
--------------------------------------------------------------------------------
1 | name: AspNetCore NuGet Push
2 |
3 | on:
4 | workflow_dispatch:
5 |
6 | jobs:
7 | build:
8 | runs-on: ubuntu-latest
9 | name: Update AspNetCore NuGet package
10 | steps:
11 |
12 | - name: Checkout repository
13 | uses: actions/checkout@v1
14 |
15 | - name: Setup .NET Core @ Latest
16 | uses: actions/setup-dotnet@v4
17 | with:
18 | dotnet-version: '8.0.x'
19 |
20 | - name: Build and Publish
21 | run: |
22 | cd ./src/RedisRateLimiting.AspNetCore/
23 | dotnet pack -c Release -o artifacts -p:PackageVersion=1.2.0
24 |
25 | - name: Push
26 | run: dotnet nuget push ./src/RedisRateLimiting.AspNetCore/artifacts/RedisRateLimiting.AspNetCore.1.2.0.nupkg -k ${{ secrets.NUGET_APIKEY }} -s https://api.nuget.org/v3/index.json
27 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | ## Ignore Visual Studio temporary files, build results, and
2 | ## files generated by popular Visual Studio add-ons.
3 | ##
4 | ## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
5 |
6 | # User-specific files
7 | *.rsuser
8 | *.suo
9 | *.user
10 | *.userosscache
11 | *.sln.docstates
12 |
13 | # User-specific files (MonoDevelop/Xamarin Studio)
14 | *.userprefs
15 |
16 | # Mono auto generated files
17 | mono_crash.*
18 |
19 | # Build results
20 | [Dd]ebug/
21 | [Dd]ebugPublic/
22 | [Rr]elease/
23 | [Rr]eleases/
24 | x64/
25 | x86/
26 | [Ww][Ii][Nn]32/
27 | [Aa][Rr][Mm]/
28 | [Aa][Rr][Mm]64/
29 | bld/
30 | [Bb]in/
31 | [Oo]bj/
32 | [Oo]ut/
33 | [Ll]og/
34 | [Ll]ogs/
35 |
36 | # Visual Studio 2015/2017 cache/options directory
37 | .vs/
38 | # Uncomment if you have tasks that create the project's static files in wwwroot
39 | #wwwroot/
40 |
41 | # Visual Studio 2017 auto generated files
42 | Generated\ Files/
43 |
44 | # MSTest test Results
45 | [Tt]est[Rr]esult*/
46 | [Bb]uild[Ll]og.*
47 |
48 | # NUnit
49 | *.VisualState.xml
50 | TestResult.xml
51 | nunit-*.xml
52 |
53 | # Build Results of an ATL Project
54 | [Dd]ebugPS/
55 | [Rr]eleasePS/
56 | dlldata.c
57 |
58 | # Benchmark Results
59 | BenchmarkDotNet.Artifacts/
60 |
61 | # .NET Core
62 | project.lock.json
63 | project.fragment.lock.json
64 | artifacts/
65 |
66 | # ASP.NET Scaffolding
67 | ScaffoldingReadMe.txt
68 |
69 | # StyleCop
70 | StyleCopReport.xml
71 |
72 | # Files built by Visual Studio
73 | *_i.c
74 | *_p.c
75 | *_h.h
76 | *.ilk
77 | *.meta
78 | *.obj
79 | *.iobj
80 | *.pch
81 | *.pdb
82 | *.ipdb
83 | *.pgc
84 | *.pgd
85 | *.rsp
86 | *.sbr
87 | *.tlb
88 | *.tli
89 | *.tlh
90 | *.tmp
91 | *.tmp_proj
92 | *_wpftmp.csproj
93 | *.log
94 | *.vspscc
95 | *.vssscc
96 | .builds
97 | *.pidb
98 | *.svclog
99 | *.scc
100 |
101 | # Chutzpah Test files
102 | _Chutzpah*
103 |
104 | # Visual C++ cache files
105 | ipch/
106 | *.aps
107 | *.ncb
108 | *.opendb
109 | *.opensdf
110 | *.sdf
111 | *.cachefile
112 | *.VC.db
113 | *.VC.VC.opendb
114 |
115 | # Visual Studio profiler
116 | *.psess
117 | *.vsp
118 | *.vspx
119 | *.sap
120 |
121 | # Visual Studio Trace Files
122 | *.e2e
123 |
124 | # TFS 2012 Local Workspace
125 | $tf/
126 |
127 | # Guidance Automation Toolkit
128 | *.gpState
129 |
130 | # ReSharper is a .NET coding add-in
131 | _ReSharper*/
132 | *.[Rr]e[Ss]harper
133 | *.DotSettings.user
134 |
135 | # TeamCity is a build add-in
136 | _TeamCity*
137 |
138 | # DotCover is a Code Coverage Tool
139 | *.dotCover
140 |
141 | # AxoCover is a Code Coverage Tool
142 | .axoCover/*
143 | !.axoCover/settings.json
144 |
145 | # Coverlet is a free, cross platform Code Coverage Tool
146 | coverage*.json
147 | coverage*.xml
148 | coverage*.info
149 |
150 | # Visual Studio code coverage results
151 | *.coverage
152 | *.coveragexml
153 |
154 | # NCrunch
155 | _NCrunch_*
156 | .*crunch*.local.xml
157 | nCrunchTemp_*
158 |
159 | # MightyMoose
160 | *.mm.*
161 | AutoTest.Net/
162 |
163 | # Web workbench (sass)
164 | .sass-cache/
165 |
166 | # Installshield output folder
167 | [Ee]xpress/
168 |
169 | # DocProject is a documentation generator add-in
170 | DocProject/buildhelp/
171 | DocProject/Help/*.HxT
172 | DocProject/Help/*.HxC
173 | DocProject/Help/*.hhc
174 | DocProject/Help/*.hhk
175 | DocProject/Help/*.hhp
176 | DocProject/Help/Html2
177 | DocProject/Help/html
178 |
179 | # Click-Once directory
180 | publish/
181 |
182 | # Publish Web Output
183 | *.[Pp]ublish.xml
184 | *.azurePubxml
185 | # Note: Comment the next line if you want to checkin your web deploy settings,
186 | # but database connection strings (with potential passwords) will be unencrypted
187 | *.pubxml
188 | *.publishproj
189 |
190 | # Microsoft Azure Web App publish settings. Comment the next line if you want to
191 | # checkin your Azure Web App publish settings, but sensitive information contained
192 | # in these scripts will be unencrypted
193 | PublishScripts/
194 |
195 | # NuGet Packages
196 | *.nupkg
197 | # NuGet Symbol Packages
198 | *.snupkg
199 | # The packages folder can be ignored because of Package Restore
200 | **/[Pp]ackages/*
201 | # except build/, which is used as an MSBuild target.
202 | !**/[Pp]ackages/build/
203 | # Uncomment if necessary however generally it will be regenerated when needed
204 | #!**/[Pp]ackages/repositories.config
205 | # NuGet v3's project.json files produces more ignorable files
206 | *.nuget.props
207 | *.nuget.targets
208 |
209 | # Microsoft Azure Build Output
210 | csx/
211 | *.build.csdef
212 |
213 | # Microsoft Azure Emulator
214 | ecf/
215 | rcf/
216 |
217 | # Windows Store app package directories and files
218 | AppPackages/
219 | BundleArtifacts/
220 | Package.StoreAssociation.xml
221 | _pkginfo.txt
222 | *.appx
223 | *.appxbundle
224 | *.appxupload
225 |
226 | # Visual Studio cache files
227 | # files ending in .cache can be ignored
228 | *.[Cc]ache
229 | # but keep track of directories ending in .cache
230 | !?*.[Cc]ache/
231 |
232 | # Others
233 | ClientBin/
234 | ~$*
235 | *~
236 | *.dbmdl
237 | *.dbproj.schemaview
238 | *.jfm
239 | *.pfx
240 | *.publishsettings
241 | orleans.codegen.cs
242 |
243 | # Including strong name files can present a security risk
244 | # (https://github.com/github/gitignore/pull/2483#issue-259490424)
245 | #*.snk
246 |
247 | # Since there are multiple workflows, uncomment next line to ignore bower_components
248 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
249 | #bower_components/
250 |
251 | # RIA/Silverlight projects
252 | Generated_Code/
253 |
254 | # Backup & report files from converting an old project file
255 | # to a newer Visual Studio version. Backup files are not needed,
256 | # because we have git ;-)
257 | _UpgradeReport_Files/
258 | Backup*/
259 | UpgradeLog*.XML
260 | UpgradeLog*.htm
261 | ServiceFabricBackup/
262 | *.rptproj.bak
263 |
264 | # SQL Server files
265 | *.mdf
266 | *.ldf
267 | *.ndf
268 |
269 | # Business Intelligence projects
270 | *.rdl.data
271 | *.bim.layout
272 | *.bim_*.settings
273 | *.rptproj.rsuser
274 | *- [Bb]ackup.rdl
275 | *- [Bb]ackup ([0-9]).rdl
276 | *- [Bb]ackup ([0-9][0-9]).rdl
277 |
278 | # Microsoft Fakes
279 | FakesAssemblies/
280 |
281 | # GhostDoc plugin setting file
282 | *.GhostDoc.xml
283 |
284 | # Node.js Tools for Visual Studio
285 | .ntvs_analysis.dat
286 | node_modules/
287 |
288 | # Visual Studio 6 build log
289 | *.plg
290 |
291 | # Visual Studio 6 workspace options file
292 | *.opt
293 |
294 | # Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
295 | *.vbw
296 |
297 | # Visual Studio LightSwitch build output
298 | **/*.HTMLClient/GeneratedArtifacts
299 | **/*.DesktopClient/GeneratedArtifacts
300 | **/*.DesktopClient/ModelManifest.xml
301 | **/*.Server/GeneratedArtifacts
302 | **/*.Server/ModelManifest.xml
303 | _Pvt_Extensions
304 |
305 | # Paket dependency manager
306 | .paket/paket.exe
307 | paket-files/
308 |
309 | # FAKE - F# Make
310 | .fake/
311 |
312 | # CodeRush personal settings
313 | .cr/personal
314 |
315 | # Python Tools for Visual Studio (PTVS)
316 | __pycache__/
317 | *.pyc
318 |
319 | # Cake - Uncomment if you are using it
320 | # tools/**
321 | # !tools/packages.config
322 |
323 | # Tabs Studio
324 | *.tss
325 |
326 | # Telerik's JustMock configuration file
327 | *.jmconfig
328 |
329 | # BizTalk build output
330 | *.btp.cs
331 | *.btm.cs
332 | *.odx.cs
333 | *.xsd.cs
334 |
335 | # OpenCover UI analysis results
336 | OpenCover/
337 |
338 | # Azure Stream Analytics local run output
339 | ASALocalRun/
340 |
341 | # MSBuild Binary and Structured Log
342 | *.binlog
343 |
344 | # NVidia Nsight GPU debugger configuration file
345 | *.nvuser
346 |
347 | # MFractors (Xamarin productivity tool) working folder
348 | .mfractor/
349 |
350 | # Local History for Visual Studio
351 | .localhistory/
352 |
353 | # BeatPulse healthcheck temp database
354 | healthchecksdb
355 |
356 | # Backup folder for Package Reference Convert tool in Visual Studio 2017
357 | MigrationBackup/
358 |
359 | # Ionide (cross platform F# VS Code tools) working folder
360 | .ionide/
361 |
362 | # Fody - auto-generated XML schema
363 | FodyWeavers.xsd
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2024 Cristi Pufu
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # aspnetcore-redis-rate-limiting
2 |
3 | [](https://www.nuget.org/packages/RedisRateLimiting)
4 | [](https://www.nuget.org/packages/RedisRateLimiting.AspNetCore)
5 | [](https://www.nuget.org/packages/RedisRateLimiting)
6 | [](https://sonarcloud.io/summary/new_code?id=cristipufu_aspnetcore-redis-rate-limiting)
7 | [](https://sonarcloud.io/summary/new_code?id=cristipufu_aspnetcore-redis-rate-limiting)
8 | [](https://sonarcloud.io/summary/new_code?id=cristipufu_aspnetcore-redis-rate-limiting)
9 | [](https://github.com/cristipufu/aspnetcore-redis-rate-limiting/blob/master/LICENSE)
10 |
11 | Set up a Redis backplane for Rate Limiting ASP.NET Core multi-node deployments. The library is build on top of the [built-in Rate Limiting support that's part of .NET 7 and .NET 8](https://devblogs.microsoft.com/dotnet/announcing-rate-limiting-for-dotnet/).
12 |
13 | For more advanced use cases you can check out the [official documentation here](https://learn.microsoft.com/en-us/aspnet/core/performance/rate-limit?view=aspnetcore-7.0).
14 |
15 |
16 |
17 | # install
18 |
19 | ```xml
20 | PM> Install-Package RedisRateLimiting
21 | ```
22 | ```
23 | TargetFramework: net7.0; net8.0
24 |
25 | Dependencies:
26 | StackExchange.Redis
27 | System.Threading.RateLimiting
28 | ```
29 |
30 | ```xml
31 | PM> Install-Package RedisRateLimiting.AspNetCore
32 | ```
33 | ```
34 | TargetFramework: net7.0; net8.0
35 |
36 | Dependencies:
37 | RedisRateLimiting
38 | ```
39 |
40 | # strategies
41 |
42 | ## Concurrent Requests Rate Limiting
43 |
44 |
45 |
46 | Concurrency Rate Limiter limits how many concurrent requests can access a resource. If your limit is 10, then 10 requests can access a resource at once and the 11th request will not be allowed. Once the first request completes, the number of allowed requests increases to 1, when the second request completes, the number increases to 2, etc.
47 |
48 | Instead of "You can use our API 1000 times per second", this rate limiting strategy says "You can only have 20 API requests in progress at the same time".
49 |
50 |
51 |
52 | 
53 |
54 |
55 |
56 | You can use a new instance of the [RedisConcurrencyRateLimiter](https://github.com/cristipufu/aspnetcore-redis-rate-limiting/blob/master/src/RedisRateLimiting/Concurrency/RedisConcurrencyRateLimiter.cs) class or configure the predefined extension method:
57 |
58 | ```C#
59 | builder.Services.AddRateLimiter(options =>
60 | {
61 | options.AddRedisConcurrencyLimiter("demo_concurrency", (opt) =>
62 | {
63 | opt.ConnectionMultiplexerFactory = () => connectionMultiplexer;
64 | opt.PermitLimit = 5;
65 | // Queue requests when the limit is reached
66 | //opt.QueueLimit = 5
67 | });
68 | });
69 | ```
70 |
71 |
72 |
73 | 
74 |
75 |
76 |
77 | ## Fixed Window Rate Limiting
78 |
79 |
80 |
81 | The Fixed Window algorithm uses the concept of a window. The window is the amount of time that our limit is applied before we move on to the next window. In the Fixed Window strategy, moving to the next window means resetting the limit back to its starting point.
82 |
83 |
84 |
85 | 
86 |
87 |
88 |
89 | You can use a new instance of the [RedisFixedWindowRateLimiter](https://github.com/cristipufu/aspnetcore-redis-rate-limiting/blob/master/src/RedisRateLimiting/FixedWindow/RedisFixedWindowRateLimiter.cs) class or configure the predefined extension method:
90 |
91 | ```C#
92 | builder.Services.AddRateLimiter(options =>
93 | {
94 | options.AddRedisFixedWindowLimiter("demo_fixed_window", (opt) =>
95 | {
96 | opt.ConnectionMultiplexerFactory = () => connectionMultiplexer;
97 | opt.PermitLimit = 1;
98 | opt.Window = TimeSpan.FromSeconds(2);
99 | });
100 | });
101 | ```
102 |
103 |
104 |
105 | ## Sliding Window Rate Limiting
106 |
107 |
108 |
109 | Unlike the Fixed Window Rate Limiter, which groups the requests into a bucket based on a very definitive time window, the Sliding Window Rate Limiter, restricts requests relative to the current request's timestamp. For example, if you have a 10 req/minute rate limiter, on a fixed window, you could encounter a case where the rate-limiter allows 20 requests during a one minute interval. This can happen if the first 10 requests are on the left side of the current window, and the next 10 requests are on the right side of the window, both having enough space in their respective buckets to be allowed through. If you send those same 20 requests through a Sliding Window Rate Limiter, if they are all sent during a one minute window, only 10 will make it through.
110 |
111 |
112 |
113 | 
114 |
115 |
116 |
117 | You can use a new instance of the [RedisSlidingWindowRateLimiter](https://github.com/cristipufu/aspnetcore-redis-rate-limiting/blob/master/src/RedisRateLimiting/SlidingWindow/RedisSlidingWindowRateLimiter.cs) class or configure the predefined extension method:
118 |
119 | ```C#
120 | builder.Services.AddRateLimiter(options =>
121 | {
122 | options.AddRedisSlidingWindowLimiter("demo_sliding_window", (opt) =>
123 | {
124 | opt.ConnectionMultiplexerFactory = () => connectionMultiplexer;
125 | opt.PermitLimit = 1;
126 | opt.Window = TimeSpan.FromSeconds(2);
127 | });
128 | });
129 | ```
130 |
131 |
132 |
133 | ## Token Bucket Rate Limiting
134 |
135 |
136 |
137 | Token Bucket is an algorithm that derives its name from describing how it works. Imagine there is a bucket filled to the brim with tokens. When a request comes in, it takes a token and keeps it forever. After some consistent period of time, someone adds a pre-determined number of tokens back to the bucket, never adding more than the bucket can hold. If the bucket is empty, when a request comes in, the request is denied access to the resource.
138 |
139 |
140 |
141 | 
142 |
143 |
144 |
145 | You can use a new instance of the [RedisTokenBucketRateLimiter](https://github.com/cristipufu/aspnetcore-redis-rate-limiting/blob/master/src/RedisRateLimiting/TokenBucket/RedisTokenBucketRateLimiter.cs) class or configure the predefined extension method:
146 |
147 | ```C#
148 | builder.Services.AddRateLimiter(options =>
149 | {
150 | options.AddRedisTokenBucketLimiter("demo_token_bucket", (opt) =>
151 | {
152 | opt.ConnectionMultiplexerFactory = () => connectionMultiplexer;
153 | opt.TokenLimit = 2;
154 | opt.TokensPerPeriod = 1;
155 | opt.ReplenishmentPeriod = TimeSpan.FromSeconds(2);
156 | });
157 | });
158 | ```
159 |
160 |
161 |
162 | ## snippets
163 |
164 | These samples intentionally keep things simple for clarity.
165 |
166 | - [Custom Rate Limiting Policies](https://github.com/cristipufu/aspnetcore-redis-rate-limiting/wiki/Custom-Rate-Limiting-Policies)
167 | - [Rate Limiting Headers](https://github.com/cristipufu/aspnetcore-redis-rate-limiting/wiki/Rate-Limiting-Headers)
168 |
169 |
170 |
171 |
172 |
173 |
174 |
--------------------------------------------------------------------------------
/RedisRateLimiting.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 17
4 | VisualStudioVersion = 17.3.32929.385
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{F267466D-709D-4CC4-9FC7-7DF4C212FC3E}"
7 | EndProject
8 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "test", "test", "{D6A4A9C6-F4BD-47A0-A6BC-CE262559E5C6}"
9 | EndProject
10 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "RedisRateLimiting.Sample.AspNetCore", "test\RedisRateLimiting.Sample.AspNetCore\RedisRateLimiting.Sample.AspNetCore.csproj", "{5BE4A3E4-9F05-4098-A2A9-FE76CE17BCA6}"
11 | EndProject
12 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "RedisRateLimiting", "src\RedisRateLimiting\RedisRateLimiting.csproj", "{A2505BC2-92D6-42B1-8B2A-3272F02C1EAF}"
13 | EndProject
14 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "RedisRateLimiting.Tests", "test\RedisRateLimiting.Tests\RedisRateLimiting.Tests.csproj", "{5C0B495C-5C21-4624-8883-720BEC63B8B2}"
15 | EndProject
16 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "RedisRateLimiting.AspNetCore", "src\RedisRateLimiting.AspNetCore\RedisRateLimiting.AspNetCore.csproj", "{EF9062B1-D1CB-416D-AB9D-D92956C4921F}"
17 | EndProject
18 | Global
19 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
20 | Debug|Any CPU = Debug|Any CPU
21 | Release|Any CPU = Release|Any CPU
22 | EndGlobalSection
23 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
24 | {5BE4A3E4-9F05-4098-A2A9-FE76CE17BCA6}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
25 | {5BE4A3E4-9F05-4098-A2A9-FE76CE17BCA6}.Debug|Any CPU.Build.0 = Debug|Any CPU
26 | {5BE4A3E4-9F05-4098-A2A9-FE76CE17BCA6}.Release|Any CPU.ActiveCfg = Release|Any CPU
27 | {5BE4A3E4-9F05-4098-A2A9-FE76CE17BCA6}.Release|Any CPU.Build.0 = Release|Any CPU
28 | {A2505BC2-92D6-42B1-8B2A-3272F02C1EAF}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
29 | {A2505BC2-92D6-42B1-8B2A-3272F02C1EAF}.Debug|Any CPU.Build.0 = Debug|Any CPU
30 | {A2505BC2-92D6-42B1-8B2A-3272F02C1EAF}.Release|Any CPU.ActiveCfg = Release|Any CPU
31 | {A2505BC2-92D6-42B1-8B2A-3272F02C1EAF}.Release|Any CPU.Build.0 = Release|Any CPU
32 | {5C0B495C-5C21-4624-8883-720BEC63B8B2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
33 | {5C0B495C-5C21-4624-8883-720BEC63B8B2}.Debug|Any CPU.Build.0 = Debug|Any CPU
34 | {5C0B495C-5C21-4624-8883-720BEC63B8B2}.Release|Any CPU.ActiveCfg = Release|Any CPU
35 | {5C0B495C-5C21-4624-8883-720BEC63B8B2}.Release|Any CPU.Build.0 = Release|Any CPU
36 | {EF9062B1-D1CB-416D-AB9D-D92956C4921F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
37 | {EF9062B1-D1CB-416D-AB9D-D92956C4921F}.Debug|Any CPU.Build.0 = Debug|Any CPU
38 | {EF9062B1-D1CB-416D-AB9D-D92956C4921F}.Release|Any CPU.ActiveCfg = Release|Any CPU
39 | {EF9062B1-D1CB-416D-AB9D-D92956C4921F}.Release|Any CPU.Build.0 = Release|Any CPU
40 | EndGlobalSection
41 | GlobalSection(SolutionProperties) = preSolution
42 | HideSolutionNode = FALSE
43 | EndGlobalSection
44 | GlobalSection(NestedProjects) = preSolution
45 | {5BE4A3E4-9F05-4098-A2A9-FE76CE17BCA6} = {D6A4A9C6-F4BD-47A0-A6BC-CE262559E5C6}
46 | {A2505BC2-92D6-42B1-8B2A-3272F02C1EAF} = {F267466D-709D-4CC4-9FC7-7DF4C212FC3E}
47 | {5C0B495C-5C21-4624-8883-720BEC63B8B2} = {D6A4A9C6-F4BD-47A0-A6BC-CE262559E5C6}
48 | {EF9062B1-D1CB-416D-AB9D-D92956C4921F} = {F267466D-709D-4CC4-9FC7-7DF4C212FC3E}
49 | EndGlobalSection
50 | GlobalSection(ExtensibilityGlobals) = postSolution
51 | SolutionGuid = {C4DA8CE4-B0F4-4ACF-A961-1F1A354B6B89}
52 | EndGlobalSection
53 | EndGlobal
54 |
--------------------------------------------------------------------------------
/docs/concurrency.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cristipufu/aspnetcore-redis-rate-limiting/a6282f27703664a502cc5a8690053795c971fff2/docs/concurrency.png
--------------------------------------------------------------------------------
/docs/concurrent.excalidraw:
--------------------------------------------------------------------------------
1 | {
2 | "type": "excalidraw",
3 | "version": 2,
4 | "source": "https://excalidraw.com",
5 | "elements": [
6 | {
7 | "type": "rectangle",
8 | "version": 260,
9 | "versionNonce": 1583974374,
10 | "isDeleted": false,
11 | "id": "2q9LR5NwCXd99xEoeKG9w",
12 | "fillStyle": "solid",
13 | "strokeWidth": 1,
14 | "strokeStyle": "solid",
15 | "roughness": 1,
16 | "opacity": 100,
17 | "angle": 0,
18 | "x": 753,
19 | "y": 467.03468322753906,
20 | "strokeColor": "#000000",
21 | "backgroundColor": "#fff",
22 | "width": 257,
23 | "height": 101.93063354492188,
24 | "seed": 409522403,
25 | "groupIds": [],
26 | "strokeSharpness": "round",
27 | "boundElements": [
28 | {
29 | "id": "ws0W9X53qIvWrct3Bm-gk",
30 | "type": "arrow"
31 | },
32 | {
33 | "id": "c5lnM9deNPuVh_1nmkjrE",
34 | "type": "arrow"
35 | },
36 | {
37 | "id": "UK6230vSegCaJ8IGxayfQ",
38 | "type": "arrow"
39 | }
40 | ],
41 | "updated": 1669568566223,
42 | "link": null,
43 | "locked": false
44 | },
45 | {
46 | "type": "arrow",
47 | "version": 164,
48 | "versionNonce": 1019203962,
49 | "isDeleted": false,
50 | "id": "kD1O4mESCikguO0o3HfxZ",
51 | "fillStyle": "hachure",
52 | "strokeWidth": 1,
53 | "strokeStyle": "solid",
54 | "roughness": 1,
55 | "opacity": 100,
56 | "angle": 0,
57 | "x": 555,
58 | "y": 521,
59 | "strokeColor": "#000000",
60 | "backgroundColor": "transparent",
61 | "width": 164,
62 | "height": 1,
63 | "seed": 136123939,
64 | "groupIds": [],
65 | "strokeSharpness": "round",
66 | "boundElements": [],
67 | "updated": 1669568566223,
68 | "link": null,
69 | "locked": false,
70 | "startBinding": null,
71 | "endBinding": null,
72 | "lastCommittedPoint": null,
73 | "startArrowhead": null,
74 | "endArrowhead": "arrow",
75 | "points": [
76 | [
77 | 0,
78 | 0
79 | ],
80 | [
81 | 164,
82 | 1
83 | ]
84 | ]
85 | },
86 | {
87 | "type": "text",
88 | "version": 110,
89 | "versionNonce": 1291557670,
90 | "isDeleted": false,
91 | "id": "h0prbZh_7h3PQY1EuIUHk",
92 | "fillStyle": "hachure",
93 | "strokeWidth": 1,
94 | "strokeStyle": "solid",
95 | "roughness": 1,
96 | "opacity": 100,
97 | "angle": 0,
98 | "x": 554,
99 | "y": 479,
100 | "strokeColor": "#000000",
101 | "backgroundColor": "transparent",
102 | "width": 169,
103 | "height": 25,
104 | "seed": 389723405,
105 | "groupIds": [],
106 | "strokeSharpness": "sharp",
107 | "boundElements": [],
108 | "updated": 1669568566223,
109 | "link": null,
110 | "locked": false,
111 | "fontSize": 20,
112 | "fontFamily": 1,
113 | "text": "incoming requests",
114 | "baseline": 18,
115 | "textAlign": "left",
116 | "verticalAlign": "top",
117 | "containerId": null,
118 | "originalText": "incoming requests"
119 | },
120 | {
121 | "type": "ellipse",
122 | "version": 155,
123 | "versionNonce": 1182503482,
124 | "isDeleted": false,
125 | "id": "_RNBhk3ENIOi8KNAXZnKL",
126 | "fillStyle": "hachure",
127 | "strokeWidth": 1,
128 | "strokeStyle": "solid",
129 | "roughness": 1,
130 | "opacity": 100,
131 | "angle": 0,
132 | "x": 760,
133 | "y": 510,
134 | "strokeColor": "#000000",
135 | "backgroundColor": "transparent",
136 | "width": 21,
137 | "height": 19,
138 | "seed": 1390599693,
139 | "groupIds": [],
140 | "strokeSharpness": "sharp",
141 | "boundElements": [],
142 | "updated": 1669568566223,
143 | "link": null,
144 | "locked": false
145 | },
146 | {
147 | "type": "text",
148 | "version": 445,
149 | "versionNonce": 1231322534,
150 | "isDeleted": false,
151 | "id": "zKucWcYdZdj08CKQTWqaD",
152 | "fillStyle": "hachure",
153 | "strokeWidth": 1,
154 | "strokeStyle": "solid",
155 | "roughness": 1,
156 | "opacity": 100,
157 | "angle": 0,
158 | "x": 805,
159 | "y": 534,
160 | "strokeColor": "#000000",
161 | "backgroundColor": "transparent",
162 | "width": 145,
163 | "height": 25,
164 | "seed": 1977177571,
165 | "groupIds": [],
166 | "strokeSharpness": "sharp",
167 | "boundElements": [],
168 | "updated": 1669568578385,
169 | "link": null,
170 | "locked": false,
171 | "fontSize": 20,
172 | "fontFamily": 1,
173 | "text": "count < limit ?",
174 | "baseline": 18,
175 | "textAlign": "left",
176 | "verticalAlign": "top",
177 | "containerId": null,
178 | "originalText": "count < limit ?"
179 | },
180 | {
181 | "type": "ellipse",
182 | "version": 193,
183 | "versionNonce": 1283537658,
184 | "isDeleted": false,
185 | "id": "4dlcp2vnvT-IKakze6Xjz",
186 | "fillStyle": "hachure",
187 | "strokeWidth": 1,
188 | "strokeStyle": "solid",
189 | "roughness": 1,
190 | "opacity": 100,
191 | "angle": 0,
192 | "x": 796.5,
193 | "y": 477.5,
194 | "strokeColor": "#000000",
195 | "backgroundColor": "transparent",
196 | "width": 21,
197 | "height": 19,
198 | "seed": 1045318211,
199 | "groupIds": [],
200 | "strokeSharpness": "sharp",
201 | "boundElements": [],
202 | "updated": 1669568566224,
203 | "link": null,
204 | "locked": false
205 | },
206 | {
207 | "type": "ellipse",
208 | "version": 176,
209 | "versionNonce": 595560870,
210 | "isDeleted": false,
211 | "id": "3ZKvXKJWfPuttMhEa_n8j",
212 | "fillStyle": "hachure",
213 | "strokeWidth": 1,
214 | "strokeStyle": "solid",
215 | "roughness": 1,
216 | "opacity": 100,
217 | "angle": 0,
218 | "x": 766.5,
219 | "y": 484.5,
220 | "strokeColor": "#000000",
221 | "backgroundColor": "transparent",
222 | "width": 21,
223 | "height": 19,
224 | "seed": 1544633517,
225 | "groupIds": [],
226 | "strokeSharpness": "sharp",
227 | "boundElements": [],
228 | "updated": 1669568566224,
229 | "link": null,
230 | "locked": false
231 | },
232 | {
233 | "type": "ellipse",
234 | "version": 190,
235 | "versionNonce": 2102643642,
236 | "isDeleted": false,
237 | "id": "t3LasQZZPpkmcJV3q16jG",
238 | "fillStyle": "hachure",
239 | "strokeWidth": 1,
240 | "strokeStyle": "solid",
241 | "roughness": 1,
242 | "opacity": 100,
243 | "angle": 0,
244 | "x": 784.5,
245 | "y": 507.5,
246 | "strokeColor": "#000000",
247 | "backgroundColor": "transparent",
248 | "width": 21,
249 | "height": 19,
250 | "seed": 1177273005,
251 | "groupIds": [],
252 | "strokeSharpness": "sharp",
253 | "boundElements": [],
254 | "updated": 1669568566224,
255 | "link": null,
256 | "locked": false
257 | },
258 | {
259 | "type": "ellipse",
260 | "version": 196,
261 | "versionNonce": 191587558,
262 | "isDeleted": false,
263 | "id": "KNkd8vUL9juiJc8KhlR_M",
264 | "fillStyle": "hachure",
265 | "strokeWidth": 1,
266 | "strokeStyle": "solid",
267 | "roughness": 1,
268 | "opacity": 100,
269 | "angle": 0,
270 | "x": 823.5,
271 | "y": 481.5,
272 | "strokeColor": "#000000",
273 | "backgroundColor": "transparent",
274 | "width": 21,
275 | "height": 19,
276 | "seed": 1736067245,
277 | "groupIds": [],
278 | "strokeSharpness": "sharp",
279 | "boundElements": [],
280 | "updated": 1669568566224,
281 | "link": null,
282 | "locked": false
283 | },
284 | {
285 | "type": "ellipse",
286 | "version": 184,
287 | "versionNonce": 1058423930,
288 | "isDeleted": false,
289 | "id": "tq2cPshHMcooCO53C4ZXS",
290 | "fillStyle": "hachure",
291 | "strokeWidth": 1,
292 | "strokeStyle": "solid",
293 | "roughness": 1,
294 | "opacity": 100,
295 | "angle": 0,
296 | "x": 816.5,
297 | "y": 505.5,
298 | "strokeColor": "#000000",
299 | "backgroundColor": "transparent",
300 | "width": 21,
301 | "height": 19,
302 | "seed": 443773411,
303 | "groupIds": [],
304 | "strokeSharpness": "sharp",
305 | "boundElements": [],
306 | "updated": 1669568566224,
307 | "link": null,
308 | "locked": false
309 | },
310 | {
311 | "type": "arrow",
312 | "version": 399,
313 | "versionNonce": 398055462,
314 | "isDeleted": false,
315 | "id": "PUCVFqOltrPPAMBp03wF2",
316 | "fillStyle": "hachure",
317 | "strokeWidth": 1,
318 | "strokeStyle": "solid",
319 | "roughness": 1,
320 | "opacity": 100,
321 | "angle": 0,
322 | "x": 1040.2902161274105,
323 | "y": 518.8536182537938,
324 | "strokeColor": "#000000",
325 | "backgroundColor": "transparent",
326 | "width": 264.8711540904749,
327 | "height": 3.5448510798102006,
328 | "seed": 1811972813,
329 | "groupIds": [],
330 | "strokeSharpness": "round",
331 | "boundElements": [],
332 | "updated": 1669568566224,
333 | "link": null,
334 | "locked": false,
335 | "startBinding": null,
336 | "endBinding": null,
337 | "lastCommittedPoint": null,
338 | "startArrowhead": null,
339 | "endArrowhead": "arrow",
340 | "points": [
341 | [
342 | 0,
343 | 0
344 | ],
345 | [
346 | 264.8711540904749,
347 | -3.5448510798102006
348 | ]
349 | ]
350 | },
351 | {
352 | "type": "arrow",
353 | "version": 613,
354 | "versionNonce": 999007546,
355 | "isDeleted": false,
356 | "id": "c5lnM9deNPuVh_1nmkjrE",
357 | "fillStyle": "hachure",
358 | "strokeWidth": 1,
359 | "strokeStyle": "solid",
360 | "roughness": 1,
361 | "opacity": 100,
362 | "angle": 0,
363 | "x": 862.7694079477316,
364 | "y": 585.117737035697,
365 | "strokeColor": "#000000",
366 | "backgroundColor": "transparent",
367 | "width": 218.5,
368 | "height": 59,
369 | "seed": 1542143693,
370 | "groupIds": [],
371 | "strokeSharpness": "round",
372 | "boundElements": [],
373 | "updated": 1669568566224,
374 | "link": null,
375 | "locked": false,
376 | "startBinding": {
377 | "elementId": "2q9LR5NwCXd99xEoeKG9w",
378 | "focus": 0.2568725557777864,
379 | "gap": 16.15242026323608
380 | },
381 | "endBinding": null,
382 | "lastCommittedPoint": null,
383 | "startArrowhead": null,
384 | "endArrowhead": "arrow",
385 | "points": [
386 | [
387 | 0,
388 | 0
389 | ],
390 | [
391 | 15.591975646813239,
392 | 59
393 | ],
394 | [
395 | -202.90802435318676,
396 | 56
397 | ]
398 | ]
399 | },
400 | {
401 | "type": "text",
402 | "version": 262,
403 | "versionNonce": 1347937126,
404 | "isDeleted": false,
405 | "id": "g6QXxoM31S4I5j0IwITHO",
406 | "fillStyle": "hachure",
407 | "strokeWidth": 1,
408 | "strokeStyle": "solid",
409 | "roughness": 1,
410 | "opacity": 100,
411 | "angle": 0,
412 | "x": 703,
413 | "y": 601.5,
414 | "strokeColor": "#000000",
415 | "backgroundColor": "transparent",
416 | "width": 147,
417 | "height": 25,
418 | "seed": 1732348995,
419 | "groupIds": [],
420 | "strokeSharpness": "sharp",
421 | "boundElements": [
422 | {
423 | "id": "PUCVFqOltrPPAMBp03wF2",
424 | "type": "arrow"
425 | }
426 | ],
427 | "updated": 1669568566224,
428 | "link": null,
429 | "locked": false,
430 | "fontSize": 20,
431 | "fontFamily": 1,
432 | "text": "no, return 429",
433 | "baseline": 18,
434 | "textAlign": "left",
435 | "verticalAlign": "top",
436 | "containerId": null,
437 | "originalText": "no, return 429"
438 | },
439 | {
440 | "type": "ellipse",
441 | "version": 460,
442 | "versionNonce": 1813442042,
443 | "isDeleted": false,
444 | "id": "wDPDx-qFWNaZ9Tzmr94cF",
445 | "fillStyle": "hachure",
446 | "strokeWidth": 1,
447 | "strokeStyle": "dashed",
448 | "roughness": 1,
449 | "opacity": 100,
450 | "angle": 0,
451 | "x": 845.5,
452 | "y": 510.5,
453 | "strokeColor": "#000000",
454 | "backgroundColor": "transparent",
455 | "width": 21,
456 | "height": 19,
457 | "seed": 677163789,
458 | "groupIds": [],
459 | "strokeSharpness": "sharp",
460 | "boundElements": [],
461 | "updated": 1669568566224,
462 | "link": null,
463 | "locked": false
464 | },
465 | {
466 | "type": "ellipse",
467 | "version": 226,
468 | "versionNonce": 932349606,
469 | "isDeleted": false,
470 | "id": "3_Vvi5ZOaLhIzvN2MuyMI",
471 | "fillStyle": "hachure",
472 | "strokeWidth": 1,
473 | "strokeStyle": "solid",
474 | "roughness": 1,
475 | "opacity": 100,
476 | "angle": 0,
477 | "x": 851.5,
478 | "y": 482.5,
479 | "strokeColor": "#000000",
480 | "backgroundColor": "transparent",
481 | "width": 21,
482 | "height": 19,
483 | "seed": 116697219,
484 | "groupIds": [],
485 | "strokeSharpness": "sharp",
486 | "boundElements": [],
487 | "updated": 1669568566224,
488 | "link": null,
489 | "locked": false
490 | },
491 | {
492 | "type": "text",
493 | "version": 125,
494 | "versionNonce": 633020090,
495 | "isDeleted": false,
496 | "id": "hU4Mit5foISg5GS_CLKpa",
497 | "fillStyle": "hachure",
498 | "strokeWidth": 1,
499 | "strokeStyle": "solid",
500 | "roughness": 1,
501 | "opacity": 100,
502 | "angle": 0,
503 | "x": 1038,
504 | "y": 535,
505 | "strokeColor": "#000000",
506 | "backgroundColor": "transparent",
507 | "width": 162,
508 | "height": 25,
509 | "seed": 1332467427,
510 | "groupIds": [],
511 | "strokeSharpness": "sharp",
512 | "boundElements": [],
513 | "updated": 1669568566224,
514 | "link": null,
515 | "locked": false,
516 | "fontSize": 20,
517 | "fontFamily": 1,
518 | "text": "forward request",
519 | "baseline": 18,
520 | "textAlign": "left",
521 | "verticalAlign": "top",
522 | "containerId": null,
523 | "originalText": "forward request"
524 | },
525 | {
526 | "type": "text",
527 | "version": 230,
528 | "versionNonce": 2115420646,
529 | "isDeleted": false,
530 | "id": "aNZa5_awoYyUIL_0teAek",
531 | "fillStyle": "hachure",
532 | "strokeWidth": 1,
533 | "strokeStyle": "solid",
534 | "roughness": 1,
535 | "opacity": 100,
536 | "angle": 0,
537 | "x": 1069,
538 | "y": 474.5,
539 | "strokeColor": "#000000",
540 | "backgroundColor": "transparent",
541 | "width": 126,
542 | "height": 25,
543 | "seed": 140918957,
544 | "groupIds": [],
545 | "strokeSharpness": "sharp",
546 | "boundElements": [],
547 | "updated": 1669568566224,
548 | "link": null,
549 | "locked": false,
550 | "fontSize": 20,
551 | "fontFamily": 1,
552 | "text": "yes, count++",
553 | "baseline": 18,
554 | "textAlign": "left",
555 | "verticalAlign": "top",
556 | "containerId": null,
557 | "originalText": "yes, count++"
558 | },
559 | {
560 | "type": "ellipse",
561 | "version": 418,
562 | "versionNonce": 1774536707,
563 | "isDeleted": false,
564 | "id": "qMtVVLjk99zHZtF5KXX_E",
565 | "fillStyle": "hachure",
566 | "strokeWidth": 1,
567 | "strokeStyle": "dashed",
568 | "roughness": 1,
569 | "opacity": 100,
570 | "angle": 0,
571 | "x": 875.5,
572 | "y": 503.5,
573 | "strokeColor": "#000000",
574 | "backgroundColor": "transparent",
575 | "width": 21,
576 | "height": 19,
577 | "seed": 2016583789,
578 | "groupIds": [],
579 | "strokeSharpness": "sharp",
580 | "boundElements": [],
581 | "updated": 1667232861833,
582 | "link": null,
583 | "locked": false
584 | },
585 | {
586 | "type": "arrow",
587 | "version": 646,
588 | "versionNonce": 790496269,
589 | "isDeleted": false,
590 | "id": "UK6230vSegCaJ8IGxayfQ",
591 | "fillStyle": "hachure",
592 | "strokeWidth": 1,
593 | "strokeStyle": "solid",
594 | "roughness": 1,
595 | "opacity": 100,
596 | "angle": 0,
597 | "x": 1310.4258065493073,
598 | "y": 591.3899178025052,
599 | "strokeColor": "#000000",
600 | "backgroundColor": "transparent",
601 | "width": 332.1288459095251,
602 | "height": 58.726242636900494,
603 | "seed": 567738957,
604 | "groupIds": [],
605 | "strokeSharpness": "round",
606 | "boundElements": [],
607 | "updated": 1667232988943,
608 | "link": null,
609 | "locked": false,
610 | "startBinding": null,
611 | "endBinding": {
612 | "elementId": "2q9LR5NwCXd99xEoeKG9w",
613 | "focus": 0.006165362557200494,
614 | "gap": 25.299219296482534
615 | },
616 | "lastCommittedPoint": null,
617 | "startArrowhead": null,
618 | "endArrowhead": "arrow",
619 | "points": [
620 | [
621 | 0,
622 | 0
623 | ],
624 | [
625 | -62.323557202946404,
626 | 43.4469972290741
627 | ],
628 | [
629 | -174.06442295476245,
630 | 58.726242636900494
631 | ],
632 | [
633 | -280.6402557167412,
634 | 42.946412347932096
635 | ],
636 | [
637 | -332.1288459095251,
638 | 2.8746182664381856
639 | ]
640 | ]
641 | },
642 | {
643 | "type": "text",
644 | "version": 87,
645 | "versionNonce": 1861745347,
646 | "isDeleted": false,
647 | "id": "gzqmqxthxaZQ-OjhDIDWJ",
648 | "fillStyle": "hachure",
649 | "strokeWidth": 1,
650 | "strokeStyle": "dashed",
651 | "roughness": 1,
652 | "opacity": 100,
653 | "angle": 0,
654 | "x": 1045,
655 | "y": 606,
656 | "strokeColor": "#000000",
657 | "backgroundColor": "transparent",
658 | "width": 203,
659 | "height": 25,
660 | "seed": 850489187,
661 | "groupIds": [],
662 | "strokeSharpness": "sharp",
663 | "boundElements": [],
664 | "updated": 1667232976274,
665 | "link": null,
666 | "locked": false,
667 | "fontSize": 20,
668 | "fontFamily": 1,
669 | "text": "request end, count--",
670 | "baseline": 18,
671 | "textAlign": "left",
672 | "verticalAlign": "top",
673 | "containerId": null,
674 | "originalText": "request end, count--"
675 | }
676 | ],
677 | "appState": {
678 | "gridSize": null,
679 | "viewBackgroundColor": "#ffffff"
680 | },
681 | "files": {}
682 | }
--------------------------------------------------------------------------------
/docs/fixed_window.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cristipufu/aspnetcore-redis-rate-limiting/a6282f27703664a502cc5a8690053795c971fff2/docs/fixed_window.png
--------------------------------------------------------------------------------
/docs/sliding_window.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cristipufu/aspnetcore-redis-rate-limiting/a6282f27703664a502cc5a8690053795c971fff2/docs/sliding_window.png
--------------------------------------------------------------------------------
/docs/token_bucket.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cristipufu/aspnetcore-redis-rate-limiting/a6282f27703664a502cc5a8690053795c971fff2/docs/token_bucket.png
--------------------------------------------------------------------------------
/src/RedisRateLimiting.AspNetCore/PolicyNameKey.cs:
--------------------------------------------------------------------------------
1 | namespace RedisRateLimiting.AspNetCore
2 | {
3 | internal sealed class PolicyNameKey
4 | {
5 | public required string PolicyName { get; init; }
6 |
7 | public override bool Equals(object? obj)
8 | {
9 | if (obj is PolicyNameKey key)
10 | {
11 | return PolicyName == key.PolicyName;
12 | }
13 | return false;
14 | }
15 |
16 | public override int GetHashCode()
17 | {
18 | return PolicyName.GetHashCode();
19 | }
20 |
21 | public override string ToString()
22 | {
23 | return PolicyName;
24 | }
25 | }
26 |
27 | }
28 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting.AspNetCore/RateLimitHeaders.cs:
--------------------------------------------------------------------------------
1 | namespace RedisRateLimiting.AspNetCore
2 | {
3 | public static class RateLimitHeaders
4 | {
5 | public const string Limit = "X-RateLimit-Limit";
6 | public const string Remaining = "X-RateLimit-Remaining";
7 | public const string Reset = "X-RateLimit-Reset";
8 | public const string RetryAfter = "Retry-After";
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting.AspNetCore/RateLimitMetadata.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Http;
2 | using System.Threading.RateLimiting;
3 |
4 | namespace RedisRateLimiting.AspNetCore
5 | {
6 | public static class RateLimitMetadata
7 | {
8 | ///
9 | /// Sets the default rate limit headers.
10 | ///
11 | public static Func OnRejected { get; } = (httpContext, lease, token) =>
12 | {
13 | httpContext.Response.StatusCode = 429;
14 |
15 | if (lease.TryGetMetadata(RateLimitMetadataName.Limit, out var limit))
16 | {
17 | httpContext.Response.Headers[RateLimitHeaders.Limit] = limit;
18 | }
19 |
20 | if (lease.TryGetMetadata(RateLimitMetadataName.Remaining, out var remaining))
21 | {
22 | httpContext.Response.Headers[RateLimitHeaders.Remaining] = remaining.ToString();
23 | }
24 |
25 | if (lease.TryGetMetadata(RateLimitMetadataName.Reset, out var reset))
26 | {
27 | httpContext.Response.Headers[RateLimitHeaders.Reset] = reset.ToString();
28 | }
29 |
30 | if (lease.TryGetMetadata(RateLimitMetadataName.RetryAfter, out var retryAfter))
31 | {
32 | httpContext.Response.Headers[RateLimitHeaders.RetryAfter] = retryAfter.ToString();
33 | }
34 |
35 | return ValueTask.CompletedTask;
36 | };
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting.AspNetCore/RedisRateLimiterOptionsExtensions.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.RateLimiting;
2 |
3 | namespace RedisRateLimiting.AspNetCore
4 | {
5 | public static class RedisRateLimiterOptionsExtensions
6 | {
7 | ///
8 | /// Adds a new with the given to the .
9 | ///
10 | /// The to add a limiter to.
11 | /// The name that will be associated with the limiter.
12 | /// A callback to configure the to be used for the limiter.
13 | /// This .
14 | public static RateLimiterOptions AddRedisConcurrencyLimiter(this RateLimiterOptions options, string policyName, Action configureOptions)
15 | {
16 | ArgumentNullException.ThrowIfNull(configureOptions);
17 |
18 | var key = new PolicyNameKey() { PolicyName = policyName };
19 | var concurrencyRateLimiterOptions = new RedisConcurrencyRateLimiterOptions();
20 | configureOptions.Invoke(concurrencyRateLimiterOptions);
21 |
22 | return options.AddPolicy(policyName, context =>
23 | {
24 | return RedisRateLimitPartition.GetConcurrencyRateLimiter(key, _ => concurrencyRateLimiterOptions);
25 | });
26 | }
27 |
28 | ///
29 | /// Adds a new with the given to the .
30 | ///
31 | /// The to add a limiter to.
32 | /// The name that will be associated with the limiter.
33 | /// A callback to configure the to be used for the limiter.
34 | /// This .
35 | public static RateLimiterOptions AddRedisFixedWindowLimiter(this RateLimiterOptions options, string policyName, Action configureOptions)
36 | {
37 | ArgumentNullException.ThrowIfNull(configureOptions);
38 |
39 | var key = new PolicyNameKey() { PolicyName = policyName };
40 | var fixedWindowRateLimiterOptions = new RedisFixedWindowRateLimiterOptions();
41 | configureOptions.Invoke(fixedWindowRateLimiterOptions);
42 |
43 | return options.AddPolicy(policyName, context =>
44 | {
45 | return RedisRateLimitPartition.GetFixedWindowRateLimiter(key, _ => fixedWindowRateLimiterOptions);
46 | });
47 | }
48 |
49 | ///
50 | /// Adds a new with the given to the .
51 | ///
52 | /// The to add a limiter to.
53 | /// The name that will be associated with the limiter.
54 | /// A callback to configure the to be used for the limiter.
55 | /// This .
56 | public static RateLimiterOptions AddRedisSlidingWindowLimiter(this RateLimiterOptions options, string policyName, Action configureOptions)
57 | {
58 | ArgumentNullException.ThrowIfNull(configureOptions);
59 |
60 | var key = new PolicyNameKey() { PolicyName = policyName };
61 | var slidingWindowRateLimiterOptions = new RedisSlidingWindowRateLimiterOptions();
62 | configureOptions.Invoke(slidingWindowRateLimiterOptions);
63 |
64 | return options.AddPolicy(policyName, context =>
65 | {
66 | return RedisRateLimitPartition.GetSlidingWindowRateLimiter(key, _ => slidingWindowRateLimiterOptions);
67 | });
68 | }
69 |
70 | ///
71 | /// Adds a new with the given to the .
72 | ///
73 | /// The to add a limiter to.
74 | /// The name that will be associated with the limiter.
75 | /// A callback to configure the to be used for the limiter.
76 | /// This .
77 | public static RateLimiterOptions AddRedisTokenBucketLimiter(this RateLimiterOptions options, string policyName, Action configureOptions)
78 | {
79 | ArgumentNullException.ThrowIfNull(configureOptions);
80 |
81 | var key = new PolicyNameKey() { PolicyName = policyName };
82 | var tokenBucketRateLimiterOptions = new RedisTokenBucketRateLimiterOptions();
83 | configureOptions.Invoke(tokenBucketRateLimiterOptions);
84 |
85 | return options.AddPolicy(policyName, context =>
86 | {
87 | return RedisRateLimitPartition.GetTokenBucketRateLimiter(key, _ => tokenBucketRateLimiterOptions);
88 | });
89 | }
90 | }
91 | }
--------------------------------------------------------------------------------
/src/RedisRateLimiting.AspNetCore/RedisRateLimiting.AspNetCore.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | Library
4 | net7.0;net8.0
5 | enable
6 | RedisRateLimiting.AspNetCore
7 | AspNetCore Redis extension for rate limiting
8 | Cristi Pufu
9 | RedisRateLimiting.AspNetCore
10 | RedisRateLimiting.AspNetCore
11 | redis;rate-limit;rate-limiting;rate-limiter;aspnetcore;net7;net8
12 | https://github.com/cristipufu/aspnetcore-redis-rate-limiting
13 | MIT
14 | git
15 | https://github.com/cristipufu/aspnetcore-redis-rate-limiting
16 | 1.2.0
17 | enable
18 | README.md
19 |
20 |
21 |
22 | True
23 | \
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/Concurrency/RedisConcurrencyManager.cs:
--------------------------------------------------------------------------------
1 | using StackExchange.Redis;
2 | using System;
3 | using System.Threading.RateLimiting;
4 | using System.Threading.Tasks;
5 |
6 | namespace RedisRateLimiting.Concurrency
7 | {
8 | internal class RedisConcurrencyManager
9 | {
10 | private readonly IConnectionMultiplexer _connectionMultiplexer;
11 | private readonly RedisConcurrencyRateLimiterOptions _options;
12 | private readonly RedisKey RateLimitKey;
13 | private readonly RedisKey QueueRateLimitKey;
14 | private readonly RedisKey StatsRateLimitKey;
15 |
16 | private static readonly LuaScript Script = LuaScript.Prepare(
17 | @"local limit = tonumber(@permit_limit)
18 | local queue_limit = tonumber(@queue_limit)
19 | local try_enqueue = tonumber(@try_enqueue)
20 | local timestamp = tonumber(@current_time)
21 | -- max seconds it takes to complete a request
22 | local ttl = 60
23 |
24 | redis.call(""zremrangebyscore"", @rate_limit_key, '-inf', timestamp - ttl)
25 |
26 | if queue_limit > 0
27 | then
28 | redis.call(""zremrangebyscore"", @queue_key, '-inf', timestamp - ttl)
29 | end
30 |
31 | local count = redis.call(""zcard"", @rate_limit_key)
32 | local allowed = count < limit
33 | local queued = false
34 | local queue_count = 0
35 |
36 | if allowed
37 | then
38 |
39 | if queue_limit > 0
40 | then
41 | queue_count = redis.call(""zcard"", @queue_key)
42 | end
43 |
44 |
45 | if queue_count == 0 or try_enqueue == 0
46 | then
47 |
48 | redis.call(""zadd"", @rate_limit_key, timestamp, @unique_id)
49 |
50 | if queue_limit > 0
51 | then
52 | -- remove from pending queue
53 | redis.call(""zrem"", @queue_key, @unique_id)
54 | end
55 |
56 | else
57 | -- queue the current request next in line if we have any requests in the pending queue
58 | allowed = false
59 |
60 | queued = queue_count + count < limit + queue_limit
61 |
62 | if queued
63 | then
64 | redis.call(""zadd"", @queue_key, timestamp, @unique_id)
65 | end
66 |
67 | end
68 |
69 | else
70 | -- try to queue request
71 | if queue_limit > 0 and try_enqueue == 1
72 | then
73 |
74 | queue_count = redis.call(""zcard"", @queue_key)
75 | queued = queue_count < queue_limit
76 |
77 | if queued
78 | then
79 | redis.call(""zadd"", @queue_key, timestamp, @unique_id)
80 | end
81 |
82 | end
83 | end
84 |
85 | if allowed
86 | then
87 | redis.call(""hincrby"", @stats_key, 'total_successful', 1)
88 | else
89 | if queued == false and try_enqueue == 1
90 | then
91 | redis.call(""hincrby"", @stats_key, 'total_failed', 1)
92 | end
93 | end
94 |
95 | return { allowed, count, queued, queue_count }");
96 |
97 | private static readonly LuaScript StatisticsScript = LuaScript.Prepare(
98 | @"local count = redis.call(""zcard"", @rate_limit_key)
99 | local queue_count = redis.call(""zcard"", @queue_key)
100 | local total_successful_count = redis.call(""hget"", @stats_key, 'total_successful')
101 | local total_failed_count = redis.call(""hget"", @stats_key, 'total_failed')
102 |
103 | return { count, queue_count, total_successful_count, total_failed_count }");
104 |
105 | public RedisConcurrencyManager(
106 | string partitionKey,
107 | RedisConcurrencyRateLimiterOptions options)
108 | {
109 | _options = options;
110 | _connectionMultiplexer = options.ConnectionMultiplexerFactory!.Invoke();
111 |
112 | RateLimitKey = new RedisKey($"rl:cc:{{{partitionKey}}}");
113 | QueueRateLimitKey = new RedisKey($"rl:cc:{{{partitionKey}}}:q");
114 | StatsRateLimitKey = new RedisKey($"rl:cc:{{{partitionKey}}}:stats");
115 | }
116 |
117 | internal async Task TryAcquireLeaseAsync(string requestId, bool tryEnqueue = false)
118 | {
119 | var nowUnixTimeSeconds = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
120 |
121 | var database = _connectionMultiplexer.GetDatabase();
122 |
123 | var response = (RedisValue[]?)await database.ScriptEvaluateAsync(
124 | Script,
125 | new
126 | {
127 | rate_limit_key = RateLimitKey,
128 | queue_key = QueueRateLimitKey,
129 | stats_key = StatsRateLimitKey,
130 | permit_limit = (RedisValue)_options.PermitLimit,
131 | try_enqueue = (RedisValue)(tryEnqueue ? 1 : 0),
132 | queue_limit = (RedisValue)_options.QueueLimit,
133 | current_time = (RedisValue)nowUnixTimeSeconds,
134 | unique_id = (RedisValue)requestId,
135 | });
136 |
137 | var result = new RedisConcurrencyResponse();
138 |
139 | if (response != null)
140 | {
141 | result.Allowed = (bool)response[0];
142 | result.Count = (long)response[1];
143 | result.Queued = (bool)response[2];
144 | result.QueueCount = (long)response[3];
145 | }
146 |
147 | return result;
148 | }
149 |
150 | internal RedisConcurrencyResponse TryAcquireLease(string requestId, bool tryEnqueue = false)
151 | {
152 | var nowUnixTimeSeconds = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
153 |
154 | var database = _connectionMultiplexer.GetDatabase();
155 |
156 | var response = (RedisValue[]?)database.ScriptEvaluate(
157 | Script,
158 | new
159 | {
160 | rate_limit_key = RateLimitKey,
161 | queue_key = QueueRateLimitKey,
162 | stats_key = StatsRateLimitKey,
163 | permit_limit = (RedisValue)_options.PermitLimit,
164 | try_enqueue = (RedisValue)(tryEnqueue ? 1 : 0),
165 | queue_limit = (RedisValue)_options.QueueLimit,
166 | current_time = (RedisValue)nowUnixTimeSeconds,
167 | unique_id = (RedisValue)requestId,
168 | });
169 |
170 | var result = new RedisConcurrencyResponse();
171 |
172 | if (response != null)
173 | {
174 | result.Allowed = (bool)response[0];
175 | result.Count = (long)response[1];
176 | result.Queued = (bool)response[2];
177 | result.QueueCount = (long)response[3];
178 | }
179 |
180 | return result;
181 | }
182 |
183 | internal void ReleaseLease(string requestId)
184 | {
185 | var database = _connectionMultiplexer.GetDatabase();
186 | database.SortedSetRemove(RateLimitKey, requestId);
187 | }
188 |
189 | internal async Task ReleaseLeaseAsync(string requestId)
190 | {
191 | var database = _connectionMultiplexer.GetDatabase();
192 | await database.SortedSetRemoveAsync(RateLimitKey, requestId);
193 | }
194 |
195 | internal async Task ReleaseQueueLeaseAsync(string requestId)
196 | {
197 | var database = _connectionMultiplexer.GetDatabase();
198 | await database.SortedSetRemoveAsync(QueueRateLimitKey, requestId);
199 | }
200 |
201 | internal RateLimiterStatistics? GetStatistics()
202 | {
203 | var database = _connectionMultiplexer.GetDatabase();
204 |
205 | var response = (RedisValue[]?)database.ScriptEvaluate(
206 | StatisticsScript,
207 | new
208 | {
209 | rate_limit_key = RateLimitKey,
210 | queue_key = QueueRateLimitKey,
211 | stats_key = StatsRateLimitKey,
212 | });
213 |
214 | if (response == null)
215 | {
216 | return null;
217 | }
218 |
219 | return new RateLimiterStatistics
220 | {
221 | CurrentAvailablePermits = _options.PermitLimit + _options.QueueLimit - (long)response[0] - (long)response[1],
222 | CurrentQueuedCount = (long)response[1],
223 | TotalSuccessfulLeases = (long)response[2],
224 | TotalFailedLeases = (long)response[3],
225 | };
226 | }
227 | }
228 |
229 | internal class RedisConcurrencyResponse
230 | {
231 | internal bool Allowed { get; set; }
232 |
233 | internal bool Queued { get; set; }
234 |
235 | internal long Count { get; set; }
236 |
237 | internal long QueueCount { get; set; }
238 | }
239 | }
240 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/Concurrency/RedisConcurrencyRateLimiter.cs:
--------------------------------------------------------------------------------
1 | using RedisRateLimiting.Concurrency;
2 | using System;
3 | using System.Collections.Concurrent;
4 | using System.Collections.Generic;
5 | using System.Diagnostics;
6 | using System.Threading;
7 | using System.Threading.RateLimiting;
8 | using System.Threading.Tasks;
9 |
10 | namespace RedisRateLimiting
11 | {
12 | public class RedisConcurrencyRateLimiter : RateLimiter
13 | {
14 | private readonly RedisConcurrencyManager _redisManager;
15 | private readonly RedisConcurrencyRateLimiterOptions _options;
16 | private readonly ConcurrentQueue _queue = new();
17 |
18 | private readonly PeriodicTimer? _periodicTimer;
19 |
20 | private bool _disposed;
21 |
22 | private readonly ConcurrencyLease FailedLease = new(false, null, null);
23 |
24 | private int _activeRequestsCount;
25 | private long _idleSince = Stopwatch.GetTimestamp();
26 |
27 | public override TimeSpan? IdleDuration => Interlocked.CompareExchange(ref _activeRequestsCount, 0, 0) > 0
28 | ? null
29 | : Stopwatch.GetElapsedTime(_idleSince);
30 |
31 | public RedisConcurrencyRateLimiter(TKey partitionKey, RedisConcurrencyRateLimiterOptions options)
32 | {
33 | if (options is null)
34 | {
35 | throw new ArgumentNullException(nameof(options));
36 | }
37 | if (options.PermitLimit <= 0)
38 | {
39 | throw new ArgumentException(string.Format("{0} must be set to a value greater than 0.", nameof(options.PermitLimit)), nameof(options));
40 | }
41 | if (options.QueueLimit < 0)
42 | {
43 | throw new ArgumentException(string.Format("{0} must be set to a value greater than 0.", nameof(options.QueueLimit)), nameof(options));
44 | }
45 | if (options.ConnectionMultiplexerFactory is null)
46 | {
47 | throw new ArgumentException(string.Format("{0} must not be null.", nameof(options.ConnectionMultiplexerFactory)), nameof(options));
48 | }
49 |
50 | _options = new RedisConcurrencyRateLimiterOptions
51 | {
52 | ConnectionMultiplexerFactory = options.ConnectionMultiplexerFactory,
53 | PermitLimit = options.PermitLimit,
54 | QueueLimit = options.QueueLimit,
55 | TryDequeuePeriod = options.TryDequeuePeriod,
56 | };
57 |
58 | _redisManager = new RedisConcurrencyManager(partitionKey?.ToString() ?? string.Empty, _options);
59 |
60 | if (_options.QueueLimit > 0)
61 | {
62 | _periodicTimer = new PeriodicTimer(_options.TryDequeuePeriod);
63 |
64 | _ = StartDequeueTimerAsync(_periodicTimer);
65 | }
66 | }
67 |
68 | public override RateLimiterStatistics? GetStatistics()
69 | {
70 | return _redisManager.GetStatistics();
71 | }
72 |
73 | protected override async ValueTask AcquireAsyncCore(int permitCount, CancellationToken cancellationToken)
74 | {
75 | _idleSince = Stopwatch.GetTimestamp();
76 | if (permitCount > _options.PermitLimit)
77 | {
78 | throw new ArgumentOutOfRangeException(nameof(permitCount), permitCount, string.Format("{0} permit(s) exceeds the permit limit of {1}.", permitCount, _options.PermitLimit));
79 | }
80 |
81 | Interlocked.Increment(ref _activeRequestsCount);
82 | try
83 | {
84 | return await AcquireAsyncCoreInternal(cancellationToken);
85 | }
86 | finally
87 | {
88 | Interlocked.Decrement(ref _activeRequestsCount);
89 | _idleSince = Stopwatch.GetTimestamp();
90 | }
91 | }
92 |
93 | protected override RateLimitLease AttemptAcquireCore(int permitCount)
94 | {
95 | // https://github.com/cristipufu/aspnetcore-redis-rate-limiting/issues/66
96 | return FailedLease;
97 | }
98 |
99 | private async ValueTask AcquireAsyncCoreInternal(CancellationToken cancellationToken)
100 | {
101 | var leaseContext = new ConcurencyLeaseContext
102 | {
103 | Limit = _options.PermitLimit,
104 | RequestId = Guid.NewGuid().ToString(),
105 | };
106 |
107 | var response = await _redisManager.TryAcquireLeaseAsync(leaseContext.RequestId, tryEnqueue: true);
108 |
109 | leaseContext.Count = response.Count;
110 |
111 | if (response.Allowed)
112 | {
113 | return new ConcurrencyLease(isAcquired: true, this, leaseContext);
114 | }
115 |
116 | if (response.Queued)
117 | {
118 | Request request = new()
119 | {
120 | CancellationToken = cancellationToken,
121 | LeaseContext = leaseContext,
122 | TaskCompletionSource = new TaskCompletionSource(),
123 | };
124 |
125 | if (cancellationToken.CanBeCanceled)
126 | {
127 | request.CancellationTokenRegistration = cancellationToken.Register(static obj =>
128 | {
129 | // When the request gets canceled
130 | var request = (Request)obj!;
131 | request.TaskCompletionSource!.TrySetCanceled(request.CancellationToken);
132 |
133 | }, request);
134 | }
135 |
136 | _queue.Enqueue(request);
137 |
138 | return await request.TaskCompletionSource.Task;
139 | }
140 |
141 | return new ConcurrencyLease(isAcquired: false, this, leaseContext);
142 | }
143 |
144 | private void Release(ConcurencyLeaseContext leaseContext)
145 | {
146 | if (leaseContext.RequestId is null) return;
147 |
148 | _ = _redisManager.ReleaseLeaseAsync(leaseContext.RequestId);
149 | }
150 |
151 | private async Task StartDequeueTimerAsync(PeriodicTimer periodicTimer)
152 | {
153 | while (await periodicTimer.WaitForNextTickAsync())
154 | {
155 | await TryDequeueRequestsAsync();
156 | }
157 | }
158 |
159 | private async Task TryDequeueRequestsAsync()
160 | {
161 | try
162 | {
163 | while (_queue.TryPeek(out var request))
164 | {
165 | if (request.TaskCompletionSource!.Task.IsCompleted)
166 | {
167 | try
168 | {
169 | // The request was canceled while in the pending queue
170 | await _redisManager.ReleaseQueueLeaseAsync(request.LeaseContext!.RequestId!);
171 | }
172 | finally
173 | {
174 | request.CancellationTokenRegistration.Dispose();
175 |
176 | _queue.TryDequeue(out _);
177 | }
178 |
179 | continue;
180 | }
181 |
182 | var response = await _redisManager.TryAcquireLeaseAsync(request.LeaseContext!.RequestId!);
183 |
184 | request.LeaseContext.Count = response.Count;
185 |
186 | if (response.Allowed)
187 | {
188 | var pendingLease = new ConcurrencyLease(isAcquired: true, this, request.LeaseContext);
189 |
190 | try
191 | {
192 | if (request.TaskCompletionSource?.TrySetResult(pendingLease) == false)
193 | {
194 | // The request was canceled after we acquired the lease
195 | await _redisManager.ReleaseLeaseAsync(request.LeaseContext!.RequestId!);
196 | }
197 | }
198 | finally
199 | {
200 | request.CancellationTokenRegistration.Dispose();
201 |
202 | _queue.TryDequeue(out _);
203 | }
204 | }
205 | else
206 | {
207 | // Try next time
208 | break;
209 | }
210 | }
211 | }
212 | catch
213 | {
214 | // Try next time
215 | }
216 | }
217 |
218 | protected override void Dispose(bool disposing)
219 | {
220 | if (!disposing)
221 | {
222 | return;
223 | }
224 |
225 | if (_disposed)
226 | {
227 | return;
228 | }
229 |
230 | _disposed = true;
231 |
232 | _periodicTimer?.Dispose();
233 |
234 | while (_queue.TryDequeue(out var request))
235 | {
236 | request?.CancellationTokenRegistration.Dispose();
237 | request?.TaskCompletionSource?.TrySetResult(FailedLease);
238 | }
239 |
240 | base.Dispose(disposing);
241 | }
242 |
243 | protected override ValueTask DisposeAsyncCore()
244 | {
245 | Dispose(true);
246 |
247 | return default;
248 | }
249 |
250 | private sealed class ConcurencyLeaseContext
251 | {
252 | public string? RequestId { get; set; }
253 |
254 | public long Count { get; set; }
255 |
256 | public long Limit { get; set; }
257 | }
258 |
259 | private sealed class ConcurrencyLease : RateLimitLease
260 | {
261 | private static readonly string[] s_allMetadataNames = new[] { RateLimitMetadataName.Limit.Name, RateLimitMetadataName.Remaining.Name };
262 |
263 | private bool _disposed;
264 | private readonly RedisConcurrencyRateLimiter? _limiter;
265 | private readonly ConcurencyLeaseContext? _context;
266 |
267 | public ConcurrencyLease(bool isAcquired, RedisConcurrencyRateLimiter? limiter, ConcurencyLeaseContext? context)
268 | {
269 | IsAcquired = isAcquired;
270 | _limiter = limiter;
271 | _context = context;
272 | }
273 |
274 | public override bool IsAcquired { get; }
275 |
276 | public override IEnumerable MetadataNames => s_allMetadataNames;
277 |
278 | public override bool TryGetMetadata(string metadataName, out object? metadata)
279 | {
280 | if (metadataName == RateLimitMetadataName.Limit.Name && _context is not null)
281 | {
282 | metadata = _context.Limit.ToString();
283 | return true;
284 | }
285 |
286 | if (metadataName == RateLimitMetadataName.Remaining.Name && _context is not null)
287 | {
288 | metadata = _context.Limit - _context.Count;
289 | return true;
290 | }
291 |
292 | metadata = default;
293 | return false;
294 | }
295 |
296 | protected override void Dispose(bool disposing)
297 | {
298 | if (_disposed)
299 | {
300 | return;
301 | }
302 |
303 | _disposed = true;
304 |
305 | if (_context != null)
306 | {
307 | _limiter?.Release(_context);
308 | }
309 | }
310 | }
311 |
312 | private sealed class Request
313 | {
314 | public CancellationToken CancellationToken { get; set; }
315 |
316 | public ConcurencyLeaseContext? LeaseContext { get; set; }
317 |
318 | public TaskCompletionSource? TaskCompletionSource { get; set; }
319 |
320 | public CancellationTokenRegistration CancellationTokenRegistration { get; set; }
321 | }
322 | }
323 | }
324 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/Concurrency/RedisConcurrencyRateLimiterOptions.cs:
--------------------------------------------------------------------------------
1 | using System;
2 |
3 | namespace RedisRateLimiting
4 | {
5 | ///
6 | /// Options to specify the behavior of a .
7 | ///
8 | public sealed class RedisConcurrencyRateLimiterOptions : RedisRateLimiterOptions
9 | {
10 | ///
11 | /// Maximum number of permits that can be leased concurrently.
12 | /// Must be set to a value > 0 by the time these options are passed to the constructor of .
13 | ///
14 | public int PermitLimit { get; set; }
15 |
16 | ///
17 | /// Maximum number of permits that can be queued concurrently.
18 | /// Must be set to a value >= 0 by the time these options are passed to the constructor of .
19 | ///
20 | public int QueueLimit { get; set; }
21 |
22 | ///
23 | /// Specifies the minimum period between trying to dequeue queued permits.
24 | /// Must be set to a value greater than by the time these options are passed to the constructor of .
25 | ///
26 | public TimeSpan TryDequeuePeriod { get; set; } = TimeSpan.FromSeconds(1);
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/FixedWindow/RedisFixedWindowManager.cs:
--------------------------------------------------------------------------------
1 | using StackExchange.Redis;
2 | using System;
3 | using System.Threading.Tasks;
4 |
5 | namespace RedisRateLimiting.Concurrency
6 | {
7 | internal class RedisFixedWindowManager
8 | {
9 | private readonly IConnectionMultiplexer _connectionMultiplexer;
10 | private readonly RedisFixedWindowRateLimiterOptions _options;
11 | private readonly RedisKey RateLimitKey;
12 | private readonly RedisKey RateLimitExpireKey;
13 |
14 | private static readonly LuaScript Script = LuaScript.Prepare(
15 | @"local expires_at = tonumber(redis.call(""get"", @expires_at_key))
16 | local limit = tonumber(@permit_limit)
17 | local inc = tonumber(@increment_amount)
18 |
19 | if not expires_at or expires_at < tonumber(@current_time) then
20 | -- this is either a brand new window,
21 | -- or this window has closed, but redis hasn't cleaned up the key yet
22 | -- (redis will clean it up in one more second)
23 | -- initialize a new rate limit window
24 | redis.call(""set"", @rate_limit_key, 0)
25 | redis.call(""set"", @expires_at_key, @next_expires_at)
26 | -- tell Redis to clean this up _one second after_ the expires_at time (clock differences).
27 | -- (Redis will only clean up these keys long after the window has passed)
28 | redis.call(""expireat"", @rate_limit_key, @next_expires_at + 1)
29 | redis.call(""expireat"", @expires_at_key, @next_expires_at + 1)
30 | -- since the database was updated, return the new value
31 | expires_at = @next_expires_at
32 | end
33 |
34 | -- now that the window either already exists or it was freshly initialized
35 | -- increment the counter(`incrby` returns a number)
36 |
37 | local current = redis.call(""get"", @rate_limit_key)
38 |
39 | if not current then
40 | current = 0
41 | else
42 | current = tonumber(current)
43 | end
44 |
45 | local allowed = current + inc <= limit
46 |
47 | if allowed then
48 | current = redis.call(""incrby"", @rate_limit_key, inc)
49 | end
50 |
51 | return { current, expires_at, allowed }
52 | ");
53 |
54 | public RedisFixedWindowManager(
55 | string partitionKey,
56 | RedisFixedWindowRateLimiterOptions options)
57 | {
58 | _options = options;
59 | _connectionMultiplexer = options.ConnectionMultiplexerFactory!.Invoke();
60 |
61 | RateLimitKey = new RedisKey($"rl:fw:{{{partitionKey}}}");
62 | RateLimitExpireKey = new RedisKey($"rl:fw:{{{partitionKey}}}:exp");
63 | }
64 |
65 | internal async Task TryAcquireLeaseAsync(int permitCount)
66 | {
67 | var now = DateTimeOffset.UtcNow;
68 | var nowUnixTimeSeconds = now.ToUnixTimeSeconds();
69 |
70 | var database = _connectionMultiplexer.GetDatabase();
71 |
72 | var response = (RedisValue[]?)await database.ScriptEvaluateAsync(
73 | Script,
74 | new
75 | {
76 | rate_limit_key = RateLimitKey,
77 | expires_at_key = RateLimitExpireKey,
78 | next_expires_at = (RedisValue)now.Add(_options.Window).ToUnixTimeSeconds(),
79 | current_time = (RedisValue)nowUnixTimeSeconds,
80 | permit_limit = (RedisValue)_options.PermitLimit,
81 | increment_amount = (RedisValue)permitCount,
82 | });
83 |
84 | var result = new RedisFixedWindowResponse();
85 |
86 | if (response != null)
87 | {
88 | result.Count = (long)response[0];
89 | result.ExpiresAt = (long)response[1];
90 | result.Allowed = (bool)response[2];
91 | result.RetryAfter = TimeSpan.FromSeconds(result.ExpiresAt - nowUnixTimeSeconds);
92 | }
93 |
94 | return result;
95 | }
96 |
97 | internal RedisFixedWindowResponse TryAcquireLease()
98 | {
99 | var now = DateTimeOffset.UtcNow;
100 | var nowUnixTimeSeconds = now.ToUnixTimeSeconds();
101 |
102 | var database = _connectionMultiplexer.GetDatabase();
103 |
104 | var response = (RedisValue[]?)database.ScriptEvaluate(
105 | Script,
106 | new
107 | {
108 | rate_limit_key = RateLimitKey,
109 | expires_at_key = RateLimitExpireKey,
110 | next_expires_at = (RedisValue)now.Add(_options.Window).ToUnixTimeSeconds(),
111 | current_time = (RedisValue)nowUnixTimeSeconds,
112 | increment_amount = (RedisValue)1D,
113 | });
114 |
115 | var result = new RedisFixedWindowResponse();
116 |
117 | if (response != null)
118 | {
119 | result.Count = (long)response[0];
120 | result.ExpiresAt = (long)response[1];
121 | result.RetryAfter = TimeSpan.FromSeconds(result.ExpiresAt - nowUnixTimeSeconds);
122 | }
123 |
124 | return result;
125 | }
126 | }
127 |
128 | internal class RedisFixedWindowResponse
129 | {
130 | internal long ExpiresAt { get; set; }
131 | internal TimeSpan RetryAfter { get; set; }
132 | internal long Count { get; set; }
133 | internal bool Allowed { get; set; }
134 | }
135 | }
136 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/FixedWindow/RedisFixedWindowRateLimiter.cs:
--------------------------------------------------------------------------------
1 | using RedisRateLimiting.Concurrency;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Diagnostics;
5 | using System.Threading;
6 | using System.Threading.RateLimiting;
7 | using System.Threading.Tasks;
8 |
9 | namespace RedisRateLimiting
10 | {
11 | public class RedisFixedWindowRateLimiter : RateLimiter
12 | {
13 | private readonly RedisFixedWindowManager _redisManager;
14 | private readonly RedisFixedWindowRateLimiterOptions _options;
15 |
16 | private readonly FixedWindowLease FailedLease = new(isAcquired: false, null);
17 |
18 | private int _activeRequestsCount;
19 | private long _idleSince = Stopwatch.GetTimestamp();
20 |
21 | public override TimeSpan? IdleDuration => Interlocked.CompareExchange(ref _activeRequestsCount, 0, 0) > 0
22 | ? null
23 | : Stopwatch.GetElapsedTime(_idleSince);
24 |
25 | public RedisFixedWindowRateLimiter(TKey partitionKey, RedisFixedWindowRateLimiterOptions options)
26 | {
27 | if (options is null)
28 | {
29 | throw new ArgumentNullException(nameof(options));
30 | }
31 | if (options.PermitLimit <= 0)
32 | {
33 | throw new ArgumentException(string.Format("{0} must be set to a value greater than 0.", nameof(options.PermitLimit)), nameof(options));
34 | }
35 | if (options.Window <= TimeSpan.Zero)
36 | {
37 | throw new ArgumentException(string.Format("{0} must be set to a value greater than TimeSpan.Zero.", nameof(options.Window)), nameof(options));
38 | }
39 | if (options.ConnectionMultiplexerFactory is null)
40 | {
41 | throw new ArgumentException(string.Format("{0} must not be null.", nameof(options.ConnectionMultiplexerFactory)), nameof(options));
42 | }
43 |
44 | _options = new RedisFixedWindowRateLimiterOptions
45 | {
46 | PermitLimit = options.PermitLimit,
47 | Window = options.Window,
48 | ConnectionMultiplexerFactory = options.ConnectionMultiplexerFactory,
49 | };
50 |
51 | _redisManager = new RedisFixedWindowManager(partitionKey?.ToString() ?? string.Empty, _options);
52 | }
53 |
54 | public override RateLimiterStatistics? GetStatistics()
55 | {
56 | throw new NotImplementedException();
57 | }
58 |
59 | protected override ValueTask AcquireAsyncCore(int permitCount, CancellationToken cancellationToken)
60 | {
61 | if (permitCount > _options.PermitLimit)
62 | {
63 | throw new ArgumentOutOfRangeException(nameof(permitCount), permitCount, string.Format("{0} permit(s) exceeds the permit limit of {1}.", permitCount, _options.PermitLimit));
64 | }
65 |
66 | return AcquireAsyncCoreInternal(permitCount);
67 | }
68 |
69 | protected override RateLimitLease AttemptAcquireCore(int permitCount)
70 | {
71 | // https://github.com/cristipufu/aspnetcore-redis-rate-limiting/issues/66
72 | return FailedLease;
73 | }
74 |
75 | private async ValueTask AcquireAsyncCoreInternal(int permitCount)
76 | {
77 | var leaseContext = new FixedWindowLeaseContext
78 | {
79 | Limit = _options.PermitLimit,
80 | Window = _options.Window,
81 | };
82 |
83 | RedisFixedWindowResponse response;
84 | Interlocked.Increment(ref _activeRequestsCount);
85 | try
86 | {
87 | response = await _redisManager.TryAcquireLeaseAsync(permitCount);
88 | }
89 | finally
90 | {
91 | Interlocked.Decrement(ref _activeRequestsCount);
92 | _idleSince = Stopwatch.GetTimestamp();
93 | }
94 |
95 | leaseContext.Count = response.Count;
96 | leaseContext.RetryAfter = response.RetryAfter;
97 | leaseContext.ExpiresAt = response.ExpiresAt;
98 |
99 | return new FixedWindowLease(isAcquired: response.Allowed, leaseContext);
100 | }
101 |
102 | private sealed class FixedWindowLeaseContext
103 | {
104 | public long Count { get; set; }
105 |
106 | public long Limit { get; set; }
107 |
108 | public TimeSpan Window { get; set; }
109 |
110 | public TimeSpan? RetryAfter { get; set; }
111 |
112 | public long? ExpiresAt { get; set; }
113 | }
114 |
115 | private sealed class FixedWindowLease : RateLimitLease
116 | {
117 | private static readonly string[] s_allMetadataNames = new[] { RateLimitMetadataName.Limit.Name, RateLimitMetadataName.Remaining.Name, RateLimitMetadataName.RetryAfter.Name };
118 |
119 | private readonly FixedWindowLeaseContext? _context;
120 |
121 | public FixedWindowLease(bool isAcquired, FixedWindowLeaseContext? context)
122 | {
123 | IsAcquired = isAcquired;
124 | _context = context;
125 | }
126 |
127 | public override bool IsAcquired { get; }
128 |
129 | public override IEnumerable MetadataNames => s_allMetadataNames;
130 |
131 | public override bool TryGetMetadata(string metadataName, out object? metadata)
132 | {
133 | if (metadataName == RateLimitMetadataName.Limit.Name && _context is not null)
134 | {
135 | metadata = _context.Limit.ToString();
136 | return true;
137 | }
138 |
139 | if (metadataName == RateLimitMetadataName.Remaining.Name && _context is not null)
140 | {
141 | metadata = Math.Max(_context.Limit - _context.Count, 0);
142 | return true;
143 | }
144 |
145 | if (metadataName == RateLimitMetadataName.RetryAfter.Name && _context?.RetryAfter is not null)
146 | {
147 | metadata = (int)_context.RetryAfter.Value.TotalSeconds;
148 | return true;
149 | }
150 |
151 | if (metadataName == RateLimitMetadataName.Reset.Name && _context?.ExpiresAt is not null)
152 | {
153 | metadata = _context.ExpiresAt.Value;
154 | return true;
155 | }
156 |
157 | metadata = default;
158 | return false;
159 | }
160 | }
161 | }
162 | }
--------------------------------------------------------------------------------
/src/RedisRateLimiting/FixedWindow/RedisFixedWindowRateLimiterOptions.cs:
--------------------------------------------------------------------------------
1 | using System;
2 |
3 | namespace RedisRateLimiting
4 | {
5 | ///
6 | /// Options to specify the behavior of a .
7 | ///
8 | public sealed class RedisFixedWindowRateLimiterOptions : RedisRateLimiterOptions
9 | {
10 | ///
11 | /// Specifies the time window that takes in the requests.
12 | /// Must be set to a value greater than by the time these options are passed to the constructor of .
13 | ///
14 | public TimeSpan Window { get; set; } = TimeSpan.Zero;
15 |
16 | ///
17 | /// Maximum number of permit counters that can be allowed in a window.
18 | /// Must be set to a value > 0 by the time these options are passed to the constructor of .
19 | ///
20 | public int PermitLimit { get; set; }
21 | }
22 | }
23 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/RateLimitMetadataName.cs:
--------------------------------------------------------------------------------
1 | using System.Threading.RateLimiting;
2 |
3 | namespace RedisRateLimiting
4 | {
5 | ///
6 | /// Contains some common rate limiting metadata name-type pairs and helper method to create a metadata name.
7 | ///
8 | public static class RateLimitMetadataName
9 | {
10 | ///
11 | /// Indicates how long the user agent should wait before making a follow-up request (in seconds).
12 | /// For example, used in .
13 | ///
14 | public static MetadataName RetryAfter { get; } = MetadataName.Create("RATELIMIT_RETRYAFTER");
15 |
16 | ///
17 | /// Request limit. For example, used in .
18 | /// Request limit per timespan. For example 100/30m, used in .
19 | ///
20 | public static MetadataName Limit { get; } = MetadataName.Create("RATELIMIT_LIMIT");
21 |
22 | ///
23 | /// The number of requests left for the time window.
24 | /// For example, used in .
25 | ///
26 | public static MetadataName Remaining { get; } = MetadataName.Create("RATELIMIT_REMAINING");
27 |
28 | ///
29 | /// The remaining window before the rate limit resets in seconds.
30 | /// For example, used in .
31 | ///
32 | public static MetadataName Reset { get; } = MetadataName.Create("RATELIMIT_RESET");
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/RedisRateLimitPartition.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Threading.RateLimiting;
3 |
4 | namespace RedisRateLimiting
5 | {
6 | ///
7 | /// Contains methods for assisting in the creation of partitions for your rate limiter.
8 | ///
9 | public static class RedisRateLimitPartition
10 | {
11 | ///
12 | /// Defines a partition with a with the given .
13 | ///
14 | /// The type to distinguish partitions with.
15 | /// The specific key for this partition. This will be used to check for an existing cached limiter before calling the .
16 | /// The function called when a rate limiter for the given is needed. This can return the same instance of across different calls.
17 | ///
18 | public static RateLimitPartition GetConcurrencyRateLimiter(
19 | TKey partitionKey,
20 | Func factory)
21 | {
22 | return RateLimitPartition.Get(partitionKey, key => new RedisConcurrencyRateLimiter(key, factory(key)));
23 | }
24 |
25 | ///
26 | /// Defines a partition with a with the given .
27 | ///
28 | /// The type to distinguish partitions with.
29 | /// The specific key for this partition. This will be used to check for an existing cached limiter before calling the .
30 | /// The function called when a rate limiter for the given is needed. This can return the same instance of across different calls.
31 | ///
32 | public static RateLimitPartition GetFixedWindowRateLimiter(
33 | TKey partitionKey,
34 | Func factory)
35 | {
36 | return RateLimitPartition.Get(partitionKey, key => new RedisFixedWindowRateLimiter(key, factory(key)));
37 | }
38 |
39 | ///
40 | /// Defines a partition with a with the given .
41 | ///
42 | /// The type to distinguish partitions with.
43 | /// The specific key for this partition. This will be used to check for an existing cached limiter before calling the .
44 | /// The function called when a rate limiter for the given is needed. This can return the same instance of across different calls.
45 | ///
46 | public static RateLimitPartition GetSlidingWindowRateLimiter(
47 | TKey partitionKey,
48 | Func factory)
49 | {
50 | return RateLimitPartition.Get(partitionKey, key => new RedisSlidingWindowRateLimiter(key, factory(key)));
51 | }
52 |
53 | ///
54 | /// Defines a partition with a with the given .
55 | ///
56 | /// The type to distinguish partitions with.
57 | /// The specific key for this partition. This will be used to check for an existing cached limiter before calling the .
58 | /// The function called when a rate limiter for the given is needed. This can return the same instance of across different calls.
59 | ///
60 | public static RateLimitPartition GetTokenBucketRateLimiter(
61 | TKey partitionKey,
62 | Func factory)
63 | {
64 | return RateLimitPartition.Get(partitionKey, key => new RedisTokenBucketRateLimiter(key, factory(key)));
65 | }
66 | }
67 | }
68 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/RedisRateLimiterOptions.cs:
--------------------------------------------------------------------------------
1 | using StackExchange.Redis;
2 | using System;
3 |
4 | namespace RedisRateLimiting
5 | {
6 | public abstract class RedisRateLimiterOptions
7 | {
8 | //
9 | /// Factory for a Redis ConnectionMultiplexer.
10 | ///
11 | public Func? ConnectionMultiplexerFactory { get; set; }
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/RedisRateLimiting.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Library
5 | net7.0;net8.0
6 | enable
7 | RedisRateLimiting
8 | Redis extensions for rate limiting
9 | Cristi Pufu
10 | RedisRateLimiting
11 | RedisRateLimiting
12 | redis;rate-limit;rate-limiting;rate-limiter;aspnetcore;net7;net8
13 | https://github.com/cristipufu/aspnetcore-redis-rate-limiting
14 | MIT
15 | git
16 | https://github.com/cristipufu/aspnetcore-redis-rate-limiting
17 | 1.2.0
18 | README.md
19 |
20 |
21 |
22 |
23 | True
24 | \
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/SlidingWindow/RedisSlidingWindowManager.cs:
--------------------------------------------------------------------------------
1 | using StackExchange.Redis;
2 | using System;
3 | using System.Threading.RateLimiting;
4 | using System.Threading.Tasks;
5 |
6 | namespace RedisRateLimiting.Concurrency
7 | {
8 | internal class RedisSlidingWindowManager
9 | {
10 | private readonly IConnectionMultiplexer _connectionMultiplexer;
11 | private readonly RedisSlidingWindowRateLimiterOptions _options;
12 | private readonly RedisKey RateLimitKey;
13 | private readonly RedisKey StatsRateLimitKey;
14 |
15 | private static readonly LuaScript Script = LuaScript.Prepare(
16 | @"local limit = tonumber(@permit_limit)
17 | local timestamp = tonumber(@current_time)
18 | local window = tonumber(@window)
19 |
20 | -- remove all requests outside current window
21 | redis.call(""zremrangebyscore"", @rate_limit_key, '-inf', timestamp - window)
22 |
23 | local count = redis.call(""zcard"", @rate_limit_key)
24 | local allowed = count < limit
25 |
26 | if allowed
27 | then
28 | redis.call(""zadd"", @rate_limit_key, timestamp, @unique_id)
29 | end
30 |
31 | local expireAtMilliseconds = math.floor((timestamp + window) * 1000 + 1);
32 | redis.call(""pexpireat"", @rate_limit_key, expireAtMilliseconds)
33 |
34 | if allowed
35 | then
36 | redis.call(""hincrby"", @stats_key, 'total_successful', 1)
37 | else
38 | redis.call(""hincrby"", @stats_key, 'total_failed', 1)
39 | end
40 |
41 | redis.call(""pexpireat"", @stats_key, expireAtMilliseconds)
42 |
43 | return { allowed, count }");
44 |
45 | private static readonly LuaScript StatisticsScript = LuaScript.Prepare(
46 | @"local count = redis.call(""zcard"", @rate_limit_key)
47 | local total_successful_count = redis.call(""hget"", @stats_key, 'total_successful')
48 | local total_failed_count = redis.call(""hget"", @stats_key, 'total_failed')
49 |
50 | return { count, total_successful_count, total_failed_count }");
51 |
52 | public RedisSlidingWindowManager(
53 | string partitionKey,
54 | RedisSlidingWindowRateLimiterOptions options)
55 | {
56 | _options = options;
57 | _connectionMultiplexer = options.ConnectionMultiplexerFactory!.Invoke();
58 |
59 | RateLimitKey = new RedisKey($"rl:sw:{{{partitionKey}}}");
60 | StatsRateLimitKey = new RedisKey($"rl:sw:{{{partitionKey}}}:stats");
61 | }
62 |
63 | internal async Task TryAcquireLeaseAsync(string requestId)
64 | {
65 | var now = DateTimeOffset.UtcNow;
66 | double nowUnixTimeSeconds = now.ToUnixTimeMilliseconds() / 1000.0;
67 |
68 | var database = _connectionMultiplexer.GetDatabase();
69 |
70 | var response = (RedisValue[]?)await database.ScriptEvaluateAsync(
71 | Script,
72 | new
73 | {
74 | rate_limit_key = RateLimitKey,
75 | stats_key = StatsRateLimitKey,
76 | permit_limit = (RedisValue)_options.PermitLimit,
77 | window = (RedisValue)_options.Window.TotalSeconds,
78 | current_time = (RedisValue)nowUnixTimeSeconds,
79 | unique_id = (RedisValue)requestId,
80 | });
81 |
82 | var result = new RedisSlidingWindowResponse();
83 |
84 | if (response != null)
85 | {
86 | result.Allowed = (bool)response[0];
87 | result.Count = (long)response[1];
88 | }
89 |
90 | return result;
91 | }
92 |
93 | internal RedisSlidingWindowResponse TryAcquireLease(string requestId)
94 | {
95 | var now = DateTimeOffset.UtcNow;
96 | double nowUnixTimeSeconds = now.ToUnixTimeMilliseconds() / 1000.0;
97 |
98 | var database = _connectionMultiplexer.GetDatabase();
99 |
100 | var response = (RedisValue[]?)database.ScriptEvaluate(
101 | Script,
102 | new
103 | {
104 | rate_limit_key = RateLimitKey,
105 | stats_key = StatsRateLimitKey,
106 | permit_limit = (RedisValue)_options.PermitLimit,
107 | window = (RedisValue)_options.Window.TotalSeconds,
108 | current_time = (RedisValue)nowUnixTimeSeconds,
109 | unique_id = (RedisValue)requestId,
110 | });
111 |
112 | var result = new RedisSlidingWindowResponse();
113 |
114 | if (response != null)
115 | {
116 | result.Allowed = (bool)response[0];
117 | result.Count = (long)response[1];
118 | }
119 |
120 | return result;
121 | }
122 |
123 | internal RateLimiterStatistics? GetStatistics()
124 | {
125 | var database = _connectionMultiplexer.GetDatabase();
126 |
127 | var response = (RedisValue[]?)database.ScriptEvaluate(
128 | StatisticsScript,
129 | new
130 | {
131 | rate_limit_key = RateLimitKey,
132 | stats_key = StatsRateLimitKey,
133 | });
134 |
135 | if (response == null)
136 | {
137 | return null;
138 | }
139 |
140 | return new RateLimiterStatistics
141 | {
142 | CurrentAvailablePermits = _options.PermitLimit - (long)response[0],
143 | TotalSuccessfulLeases = (long)response[1],
144 | TotalFailedLeases = (long)response[2],
145 | };
146 | }
147 | }
148 |
149 | internal class RedisSlidingWindowResponse
150 | {
151 | internal bool Allowed { get; set; }
152 | internal long Count { get; set; }
153 | }
154 | }
155 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/SlidingWindow/RedisSlidingWindowRateLimiter.cs:
--------------------------------------------------------------------------------
1 | using RedisRateLimiting.Concurrency;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Diagnostics;
5 | using System.Threading;
6 | using System.Threading.RateLimiting;
7 | using System.Threading.Tasks;
8 |
9 | namespace RedisRateLimiting
10 | {
11 | public class RedisSlidingWindowRateLimiter : RateLimiter
12 | {
13 | private readonly RedisSlidingWindowManager _redisManager;
14 | private readonly RedisSlidingWindowRateLimiterOptions _options;
15 |
16 | private readonly SlidingWindowLease FailedLease = new(isAcquired: false, null);
17 |
18 | private int _activeRequestsCount;
19 | private long _idleSince = Stopwatch.GetTimestamp();
20 |
21 | public override TimeSpan? IdleDuration => Interlocked.CompareExchange(ref _activeRequestsCount, 0, 0) > 0
22 | ? null
23 | : Stopwatch.GetElapsedTime(_idleSince);
24 |
25 | public RedisSlidingWindowRateLimiter(TKey partitionKey, RedisSlidingWindowRateLimiterOptions options)
26 | {
27 | if (options is null)
28 | {
29 | throw new ArgumentNullException(nameof(options));
30 | }
31 | if (options.PermitLimit <= 0)
32 | {
33 | throw new ArgumentException(string.Format("{0} must be set to a value greater than 0.", nameof(options.PermitLimit)), nameof(options));
34 | }
35 | if (options.Window <= TimeSpan.Zero)
36 | {
37 | throw new ArgumentException(string.Format("{0} must be set to a value greater than TimeSpan.Zero.", nameof(options.Window)), nameof(options));
38 | }
39 | if (options.ConnectionMultiplexerFactory is null)
40 | {
41 | throw new ArgumentException(string.Format("{0} must not be null.", nameof(options.ConnectionMultiplexerFactory)), nameof(options));
42 | }
43 |
44 | _options = new RedisSlidingWindowRateLimiterOptions
45 | {
46 | PermitLimit = options.PermitLimit,
47 | Window = options.Window,
48 | ConnectionMultiplexerFactory = options.ConnectionMultiplexerFactory,
49 | };
50 |
51 | _redisManager = new RedisSlidingWindowManager(partitionKey?.ToString() ?? string.Empty, _options);
52 | }
53 |
54 | public override RateLimiterStatistics? GetStatistics()
55 | {
56 | return _redisManager.GetStatistics();
57 | }
58 |
59 | protected override async ValueTask AcquireAsyncCore(int permitCount, CancellationToken cancellationToken)
60 | {
61 | _idleSince = Stopwatch.GetTimestamp();
62 | if (permitCount > _options.PermitLimit)
63 | {
64 | throw new ArgumentOutOfRangeException(nameof(permitCount), permitCount, string.Format("{0} permit(s) exceeds the permit limit of {1}.", permitCount, _options.PermitLimit));
65 | }
66 |
67 | Interlocked.Increment(ref _activeRequestsCount);
68 | try
69 | {
70 | return await AcquireAsyncCoreInternal();
71 | }
72 | finally
73 | {
74 | Interlocked.Decrement(ref _activeRequestsCount);
75 | _idleSince = Stopwatch.GetTimestamp();
76 | }
77 | }
78 |
79 | protected override RateLimitLease AttemptAcquireCore(int permitCount)
80 | {
81 | // https://github.com/cristipufu/aspnetcore-redis-rate-limiting/issues/66
82 | return FailedLease;
83 | }
84 |
85 | private async ValueTask AcquireAsyncCoreInternal()
86 | {
87 | var leaseContext = new SlidingWindowLeaseContext
88 | {
89 | Limit = _options.PermitLimit,
90 | Window = _options.Window,
91 | RequestId = Guid.NewGuid().ToString(),
92 | };
93 |
94 | var response = await _redisManager.TryAcquireLeaseAsync(leaseContext.RequestId);
95 |
96 | leaseContext.Count = response.Count;
97 | leaseContext.Allowed = response.Allowed;
98 |
99 | if (leaseContext.Allowed)
100 | {
101 | return new SlidingWindowLease(isAcquired: true, leaseContext);
102 | }
103 |
104 | return new SlidingWindowLease(isAcquired: false, leaseContext);
105 | }
106 |
107 | private sealed class SlidingWindowLeaseContext
108 | {
109 | public long Count { get; set; }
110 |
111 | public long Limit { get; set; }
112 |
113 | public TimeSpan Window { get; set; }
114 |
115 | public bool Allowed { get; set; }
116 |
117 | public string? RequestId { get; set; }
118 | }
119 |
120 | private sealed class SlidingWindowLease : RateLimitLease
121 | {
122 | private static readonly string[] s_allMetadataNames = new[] { RateLimitMetadataName.Limit.Name, RateLimitMetadataName.Remaining.Name };
123 |
124 | private readonly SlidingWindowLeaseContext? _context;
125 |
126 | public SlidingWindowLease(bool isAcquired, SlidingWindowLeaseContext? context)
127 | {
128 | IsAcquired = isAcquired;
129 | _context = context;
130 | }
131 |
132 | public override bool IsAcquired { get; }
133 |
134 | public override IEnumerable MetadataNames => s_allMetadataNames;
135 |
136 | public override bool TryGetMetadata(string metadataName, out object? metadata)
137 | {
138 | if (metadataName == RateLimitMetadataName.Limit.Name && _context is not null)
139 | {
140 | metadata = _context.Limit.ToString();
141 | return true;
142 | }
143 |
144 | if (metadataName == RateLimitMetadataName.Remaining.Name && _context is not null)
145 | {
146 | metadata = Math.Max(_context.Limit - _context.Count, 0);
147 | return true;
148 | }
149 |
150 | metadata = default;
151 | return false;
152 | }
153 | }
154 | }
155 | }
--------------------------------------------------------------------------------
/src/RedisRateLimiting/SlidingWindow/RedisSlidingWindowRateLimiterOptions.cs:
--------------------------------------------------------------------------------
1 | using System;
2 |
3 | namespace RedisRateLimiting
4 | {
5 | ///
6 | /// Options to specify the behavior of a .
7 | ///
8 | public sealed class RedisSlidingWindowRateLimiterOptions : RedisRateLimiterOptions
9 | {
10 | ///
11 | /// Specifies the time window that takes in the requests.
12 | /// Must be set to a value greater than by the time these options are passed to the constructor of .
13 | ///
14 | public TimeSpan Window { get; set; } = TimeSpan.Zero;
15 |
16 | ///
17 | /// Maximum number of permit counters that can be allowed in a window.
18 | /// Must be set to a value > 0 by the time these options are passed to the constructor of .
19 | ///
20 | public int PermitLimit { get; set; }
21 | }
22 | }
23 |
--------------------------------------------------------------------------------
/src/RedisRateLimiting/TokenBucket/RedisTokenBucketManager.cs:
--------------------------------------------------------------------------------
1 | using StackExchange.Redis;
2 | using System;
3 | using System.Threading.Tasks;
4 |
5 | namespace RedisRateLimiting.Concurrency
6 | {
7 | internal class RedisTokenBucketManager
8 | {
9 | private readonly IConnectionMultiplexer _connectionMultiplexer;
10 | private readonly RedisTokenBucketRateLimiterOptions _options;
11 | private readonly RedisKey RateLimitKey;
12 | private readonly RedisKey RateLimitTimestampKey;
13 |
14 | private static readonly LuaScript Script = LuaScript.Prepare(@"
15 | -- Prepare the input and force the correct data types.
16 | local limit = tonumber(@token_limit)
17 | local rate = tonumber(@tokens_per_period)
18 | local period = tonumber(@replenish_period)
19 | local requested = tonumber(@permit_count)
20 | local now = tonumber(@current_time)
21 |
22 | -- Load the current state from Redis. We use MGET to save a round-trip.
23 | local state = redis.call('MGET', @rate_limit_key, @timestamp_key)
24 | local current_tokens = tonumber(state[1]) or limit
25 | local last_refreshed = tonumber(state[2]) or 0
26 |
27 | -- Calculate the time and replenishment periods elapsed since the last call.
28 | local time_since_last_refreshed = math.max(0, now - last_refreshed)
29 | local periods_since_last_refreshed = math.floor(time_since_last_refreshed / period)
30 |
31 | -- Now we have all the info we need to calculate the current tokens based on the elapsed time.
32 | current_tokens = math.min(limit, current_tokens + (periods_since_last_refreshed * rate))
33 |
34 | -- We are also able to calculate the time of the last replenishment, which we store and use
35 | -- to calculate the time after which a client may retry if they are rate limited.
36 | local time_of_last_replenishment = now
37 | if last_refreshed > 0 then
38 | time_of_last_replenishment = last_refreshed + (periods_since_last_refreshed * period)
39 | end
40 |
41 | -- If the bucket contains enough tokens for the current request, we remove the tokens.
42 | local allowed = current_tokens >= requested
43 | if allowed then
44 | current_tokens = current_tokens - requested
45 | end
46 |
47 | -- In order to remove rate limit keys automatically from the database, we calculate a TTL
48 | -- based on the worst-case scenario for the bucket to fill up again.
49 | -- The worst case is when the bucket is empty and the last replenisment adds less tokens than available.
50 | local periods_until_full = math.ceil(limit / rate)
51 | local ttl = math.ceil(periods_until_full * period)
52 |
53 | -- We only store the new state in the database if the request was granted.
54 | -- This avoids rounding issues and edge cases which can occur if many requests are rate limited.
55 | if allowed then
56 | redis.call('SET', @rate_limit_key, current_tokens, 'PX', ttl)
57 | redis.call('SET', @timestamp_key, time_of_last_replenishment, 'PX', ttl)
58 | end
59 |
60 | -- Before we return, we can now also calculate when the client may retry again if they are rate limited.
61 | local retry_after = 0
62 | if not allowed then
63 | retry_after = period - (now - time_of_last_replenishment)
64 | end
65 |
66 | return { allowed, current_tokens, retry_after }");
67 |
68 | public RedisTokenBucketManager(
69 | string partitionKey,
70 | RedisTokenBucketRateLimiterOptions options)
71 | {
72 | _options = options;
73 | _connectionMultiplexer = options.ConnectionMultiplexerFactory!.Invoke();
74 |
75 | RateLimitKey = new RedisKey($"rl:tb:{{{partitionKey}}}");
76 | RateLimitTimestampKey = new RedisKey($"rl:tb:{{{partitionKey}}}:ts");
77 | }
78 |
79 | internal async Task TryAcquireLeaseAsync(int permitCount)
80 | {
81 | var database = _connectionMultiplexer.GetDatabase();
82 |
83 | var response = (RedisValue[]?)await database.ScriptEvaluateAsync(
84 | Script,
85 | new
86 | {
87 | rate_limit_key = RateLimitKey,
88 | timestamp_key = RateLimitTimestampKey,
89 | tokens_per_period = (RedisValue)_options.TokensPerPeriod,
90 | token_limit = (RedisValue)_options.TokenLimit,
91 | replenish_period = (RedisValue)_options.ReplenishmentPeriod.TotalMilliseconds,
92 | permit_count = (RedisValue)permitCount,
93 | current_time = (RedisValue)DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),
94 | });
95 |
96 | var result = new RedisTokenBucketResponse();
97 |
98 | if (response != null)
99 | {
100 | result.Allowed = (bool)response[0];
101 | result.Count = (long)response[1];
102 | result.RetryAfter = (int)Math.Ceiling((decimal)response[2] / 1000);
103 | }
104 |
105 | return result;
106 | }
107 |
108 | internal RedisTokenBucketResponse TryAcquireLease()
109 | {
110 | var database = _connectionMultiplexer.GetDatabase();
111 |
112 | var response = (RedisValue[]?)database.ScriptEvaluate(
113 | Script,
114 | new
115 | {
116 | rate_limit_key = RateLimitKey,
117 | timestamp_key = RateLimitTimestampKey,
118 | tokens_per_period = (RedisValue)_options.TokensPerPeriod,
119 | token_limit = (RedisValue)_options.TokenLimit,
120 | replenish_period = (RedisValue)_options.ReplenishmentPeriod.TotalMilliseconds,
121 | permit_count = (RedisValue)1D,
122 | current_time = (RedisValue)DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),
123 | });
124 |
125 | var result = new RedisTokenBucketResponse();
126 |
127 | if (response != null)
128 | {
129 | result.Allowed = (bool)response[0];
130 | result.Count = (long)response[1];
131 | result.RetryAfter = (int)Math.Ceiling((decimal)response[2] / 1000);
132 | }
133 |
134 | return result;
135 | }
136 | }
137 |
138 | internal class RedisTokenBucketResponse
139 | {
140 | internal bool Allowed { get; set; }
141 | internal long Count { get; set; }
142 | internal int RetryAfter { get; set; }
143 | }
144 | }
--------------------------------------------------------------------------------
/src/RedisRateLimiting/TokenBucket/RedisTokenBucketRateLimiter.cs:
--------------------------------------------------------------------------------
1 | using RedisRateLimiting.Concurrency;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Diagnostics;
5 | using System.Threading;
6 | using System.Threading.RateLimiting;
7 | using System.Threading.Tasks;
8 |
9 | namespace RedisRateLimiting
10 | {
11 | public class RedisTokenBucketRateLimiter : RateLimiter
12 | {
13 | private readonly RedisTokenBucketManager _redisManager;
14 | private readonly RedisTokenBucketRateLimiterOptions _options;
15 |
16 | private readonly TokenBucketLease FailedLease = new(isAcquired: false, null);
17 |
18 | private int _activeRequestsCount;
19 | private long _idleSince = Stopwatch.GetTimestamp();
20 |
21 | public override TimeSpan? IdleDuration => Interlocked.CompareExchange(ref _activeRequestsCount, 0, 0) > 0
22 | ? null
23 | : Stopwatch.GetElapsedTime(_idleSince);
24 |
25 | public RedisTokenBucketRateLimiter(TKey partitionKey, RedisTokenBucketRateLimiterOptions options)
26 | {
27 | if (options is null)
28 | {
29 | throw new ArgumentNullException(nameof(options));
30 | }
31 | if (options.TokenLimit <= 0)
32 | {
33 | throw new ArgumentException(string.Format("{0} must be set to a value greater than 0.", nameof(options.TokenLimit)), nameof(options));
34 | }
35 | if (options.TokensPerPeriod <= 0)
36 | {
37 | throw new ArgumentException(string.Format("{0} must be set to a value greater than 0.", nameof(options.TokensPerPeriod)), nameof(options));
38 | }
39 | if (options.ReplenishmentPeriod <= TimeSpan.Zero)
40 | {
41 | throw new ArgumentException(string.Format("{0} must be set to a value greater than TimeSpan.Zero.", nameof(options.ReplenishmentPeriod)), nameof(options));
42 | }
43 |
44 | if (options.ConnectionMultiplexerFactory is null)
45 | {
46 | throw new ArgumentException(string.Format("{0} must not be null.", nameof(options.ConnectionMultiplexerFactory)), nameof(options));
47 | }
48 | _options = new RedisTokenBucketRateLimiterOptions
49 | {
50 | ConnectionMultiplexerFactory = options.ConnectionMultiplexerFactory,
51 | TokenLimit = options.TokenLimit,
52 | ReplenishmentPeriod = options.ReplenishmentPeriod,
53 | TokensPerPeriod = options.TokensPerPeriod,
54 | };
55 |
56 | _redisManager = new RedisTokenBucketManager(partitionKey?.ToString() ?? string.Empty, _options);
57 | }
58 |
59 | public override RateLimiterStatistics? GetStatistics()
60 | {
61 | throw new NotImplementedException();
62 | }
63 |
64 | protected override async ValueTask AcquireAsyncCore(int permitCount, CancellationToken cancellationToken)
65 | {
66 | _idleSince = Stopwatch.GetTimestamp();
67 | if (permitCount > _options.TokenLimit)
68 | {
69 | throw new ArgumentOutOfRangeException(nameof(permitCount), permitCount, string.Format("{0} permit(s) exceeds the permit limit of {1}.", permitCount, _options.TokenLimit));
70 | }
71 |
72 | Interlocked.Increment(ref _activeRequestsCount);
73 | try
74 | {
75 | return await AcquireAsyncCoreInternal(permitCount);
76 | }
77 | finally
78 | {
79 | Interlocked.Decrement(ref _activeRequestsCount);
80 | _idleSince = Stopwatch.GetTimestamp();
81 | }
82 | }
83 |
84 | protected override RateLimitLease AttemptAcquireCore(int permitCount)
85 | {
86 | // https://github.com/cristipufu/aspnetcore-redis-rate-limiting/issues/66
87 | return FailedLease;
88 | }
89 |
90 | private async ValueTask AcquireAsyncCoreInternal(int permitCount)
91 | {
92 | var leaseContext = new TokenBucketLeaseContext
93 | {
94 | Limit = _options.TokenLimit,
95 | };
96 |
97 | var response = await _redisManager.TryAcquireLeaseAsync(permitCount);
98 |
99 | leaseContext.Allowed = response.Allowed;
100 | leaseContext.Count = response.Count;
101 | leaseContext.RetryAfter = response.RetryAfter;
102 |
103 | if (leaseContext.Allowed)
104 | {
105 | return new TokenBucketLease(isAcquired: true, leaseContext);
106 | }
107 |
108 | return new TokenBucketLease(isAcquired: false, leaseContext);
109 | }
110 |
111 | private sealed class TokenBucketLeaseContext
112 | {
113 | public long Count { get; set; }
114 |
115 | public long Limit { get; set; }
116 |
117 | public int RetryAfter { get; set; }
118 |
119 | public bool Allowed { get; set; }
120 | }
121 |
122 | private sealed class TokenBucketLease : RateLimitLease
123 | {
124 | private static readonly string[] s_allMetadataNames = new[] { RateLimitMetadataName.Limit.Name, RateLimitMetadataName.Remaining.Name };
125 |
126 | private readonly TokenBucketLeaseContext? _context;
127 |
128 | public TokenBucketLease(bool isAcquired, TokenBucketLeaseContext? context)
129 | {
130 | IsAcquired = isAcquired;
131 | _context = context;
132 | }
133 |
134 | public override bool IsAcquired { get; }
135 |
136 | public override IEnumerable MetadataNames => s_allMetadataNames;
137 |
138 | public override bool TryGetMetadata(string metadataName, out object? metadata)
139 | {
140 | if (metadataName == RateLimitMetadataName.Limit.Name && _context is not null)
141 | {
142 | metadata = _context.Limit.ToString();
143 | return true;
144 | }
145 |
146 | if (metadataName == RateLimitMetadataName.Remaining.Name && _context is not null)
147 | {
148 | metadata = _context.Count;
149 | return true;
150 | }
151 |
152 | if (metadataName == RateLimitMetadataName.RetryAfter.Name && _context is not null)
153 | {
154 | metadata = _context.RetryAfter;
155 | return true;
156 | }
157 |
158 | metadata = default;
159 | return false;
160 | }
161 | }
162 | }
163 | }
--------------------------------------------------------------------------------
/src/RedisRateLimiting/TokenBucket/RedisTokenBucketRateLimiterOptions.cs:
--------------------------------------------------------------------------------
1 | using System;
2 |
3 | namespace RedisRateLimiting
4 | {
5 | ///
6 | /// Options to specify the behavior of a .
7 | ///
8 | public sealed class RedisTokenBucketRateLimiterOptions : RedisRateLimiterOptions
9 | {
10 | ///
11 | /// Specifies the minimum period between replenishments.
12 | /// Must be set to a value greater than by the time these options are passed to the constructor of .
13 | ///
14 | public TimeSpan ReplenishmentPeriod { get; set; } = TimeSpan.Zero;
15 |
16 | ///
17 | /// Specifies the maximum number of tokens to restore each replenishment.
18 | /// Must be set to a value > 0 by the time these options are passed to the constructor of .
19 | ///
20 | public int TokensPerPeriod { get; set; }
21 |
22 | ///
23 | /// Maximum number of tokens that can be in the bucket at any time.
24 | /// Must be set to a value > 0 by the time these options are passed to the constructor of .
25 | ///
26 | public int TokenLimit { get; set; }
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Controllers/ClientsController.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Mvc;
2 | using Microsoft.AspNetCore.RateLimiting;
3 |
4 | namespace RedisRateLimiting.Sample.Controllers
5 | {
6 | [ApiController]
7 | [Route("[controller]")]
8 | [EnableRateLimiting("demo_client_id")]
9 | public class ClientsController : ControllerBase
10 | {
11 | private static readonly string[] Summaries = new[]
12 | {
13 | "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
14 | };
15 |
16 | public ClientsController()
17 | {
18 | }
19 |
20 | [HttpGet]
21 | public async Task> Get()
22 | {
23 | await Task.Delay(2000);
24 |
25 | return Enumerable.Range(1, 5).Select(index => new WeatherForecast
26 | {
27 | Date = DateTime.Now.AddDays(index),
28 | TemperatureC = Random.Shared.Next(-20, 55),
29 | Summary = Summaries[Random.Shared.Next(Summaries.Length)]
30 | })
31 | .ToArray();
32 | }
33 | }
34 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Controllers/ConcurrencyController.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Mvc;
2 | using Microsoft.AspNetCore.RateLimiting;
3 |
4 | namespace RedisRateLimiting.Sample.Controllers
5 | {
6 | [ApiController]
7 | [Route("[controller]")]
8 | public class ConcurrencyController : ControllerBase
9 | {
10 | private static readonly string[] Summaries = new[]
11 | {
12 | "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
13 | };
14 |
15 | public ConcurrencyController()
16 | {
17 | }
18 |
19 | [HttpGet]
20 | [EnableRateLimiting("demo_concurrency")]
21 | public async Task> Get()
22 | {
23 | await Task.Delay(1000);
24 |
25 | return Enumerable.Range(1, 5).Select(index => new WeatherForecast
26 | {
27 | Date = DateTime.Now.AddDays(index),
28 | TemperatureC = Random.Shared.Next(-20, 55),
29 | Summary = Summaries[Random.Shared.Next(Summaries.Length)]
30 | })
31 | .ToArray();
32 | }
33 |
34 | [HttpGet]
35 | [EnableRateLimiting("demo_concurrency_queue")]
36 | [Route("Queue")]
37 | public async Task> GetQueue()
38 | {
39 | await Task.Delay(1000);
40 |
41 | return Enumerable.Range(1, 3).Select(index => new WeatherForecast
42 | {
43 | Date = DateTime.Now.AddDays(index),
44 | TemperatureC = Random.Shared.Next(-10, 45),
45 | Summary = Summaries[Random.Shared.Next(Summaries.Length)]
46 | })
47 | .ToArray();
48 | }
49 | }
50 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Controllers/FixedWindowController.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Mvc;
2 | using Microsoft.AspNetCore.RateLimiting;
3 |
4 | namespace RedisRateLimiting.Sample.Controllers
5 | {
6 | [ApiController]
7 | [Route("[controller]")]
8 | [EnableRateLimiting("demo_fixed_window")]
9 | public class FixedWindowController : ControllerBase
10 | {
11 | private static readonly string[] Summaries = new[]
12 | {
13 | "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
14 | };
15 |
16 | public FixedWindowController()
17 | {
18 | }
19 |
20 | [HttpGet]
21 | public IEnumerable Get()
22 | {
23 | return Enumerable.Range(1, 5).Select(index => new WeatherForecast
24 | {
25 | Date = DateTime.Now.AddDays(index),
26 | TemperatureC = Random.Shared.Next(-20, 55),
27 | Summary = Summaries[Random.Shared.Next(Summaries.Length)]
28 | })
29 | .ToArray();
30 | }
31 | }
32 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Controllers/SlidingWindowController.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Mvc;
2 | using Microsoft.AspNetCore.RateLimiting;
3 |
4 | namespace RedisRateLimiting.Sample.Controllers
5 | {
6 | [ApiController]
7 | [Route("[controller]")]
8 | [EnableRateLimiting("demo_sliding_window")]
9 | public class SlidingWindowController : ControllerBase
10 | {
11 | private static readonly string[] Summaries = new[]
12 | {
13 | "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
14 | };
15 |
16 | public SlidingWindowController()
17 | {
18 | }
19 |
20 | [HttpGet]
21 | public IEnumerable Get()
22 | {
23 | return Enumerable.Range(1, 5).Select(index => new WeatherForecast
24 | {
25 | Date = DateTime.Now.AddDays(index),
26 | TemperatureC = Random.Shared.Next(-20, 55),
27 | Summary = Summaries[Random.Shared.Next(Summaries.Length)]
28 | })
29 | .ToArray();
30 | }
31 | }
32 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Controllers/TokenBucketController.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Mvc;
2 | using Microsoft.AspNetCore.RateLimiting;
3 |
4 | namespace RedisRateLimiting.Sample.Controllers
5 | {
6 | [ApiController]
7 | [Route("[controller]")]
8 | [EnableRateLimiting("demo_token_bucket")]
9 | public class TokenBucketController : ControllerBase
10 | {
11 | private static readonly string[] Summaries = new[]
12 | {
13 | "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
14 | };
15 |
16 | public TokenBucketController()
17 | {
18 | }
19 |
20 | [HttpGet]
21 | public IEnumerable Get()
22 | {
23 | return Enumerable.Range(1, 5).Select(index => new WeatherForecast
24 | {
25 | Date = DateTime.Now.AddDays(index),
26 | TemperatureC = Random.Shared.Next(-20, 55),
27 | Summary = Summaries[Random.Shared.Next(Summaries.Length)]
28 | })
29 | .ToArray();
30 | }
31 | }
32 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Database/SampleDbContext.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.EntityFrameworkCore;
2 |
3 | namespace RedisRateLimiting.Sample.AspNetCore.Database
4 | {
5 | #nullable disable
6 | public class SampleDbContext : DbContext
7 | {
8 | public string DbPath { get; }
9 |
10 | public SampleDbContext() : base()
11 | {
12 | var folder = Environment.SpecialFolder.LocalApplicationData;
13 | var path = Environment.GetFolderPath(folder);
14 |
15 | DbPath = Path.Join(path, "ratelimit.db");
16 | }
17 |
18 | protected override void OnModelCreating(ModelBuilder modelBuilder)
19 | {
20 | modelBuilder.Entity().HasData(
21 | new RateLimit
22 | {
23 | Id = 1,
24 | PermitLimit = 1,
25 | QueueLimit = 0,
26 | Window = TimeSpan.FromSeconds(1),
27 | },
28 | new RateLimit
29 | {
30 | Id = 2,
31 | PermitLimit = 2,
32 | QueueLimit = 0,
33 | Window = TimeSpan.FromSeconds(1),
34 | },
35 | new RateLimit
36 | {
37 | Id = 3,
38 | PermitLimit = 3,
39 | QueueLimit = 0,
40 | Window = TimeSpan.FromSeconds(1),
41 | });
42 |
43 | modelBuilder.Entity().HasData(
44 | new Client
45 | {
46 | Id = 1,
47 | RateLimitId = 1,
48 | Identifier = "client1",
49 | },
50 | new Client
51 | {
52 | Id = 2,
53 | RateLimitId = 2,
54 | Identifier = "client2",
55 | },
56 | new Client
57 | {
58 | Id = 3,
59 | RateLimitId = 3,
60 | Identifier = "client3",
61 | });
62 | }
63 | protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
64 | => optionsBuilder.UseSqlite($"Data Source={DbPath}");
65 |
66 | public DbSet Clients { get; set; }
67 |
68 | public DbSet RateLimits { get; set; }
69 | }
70 |
71 | public class RateLimit
72 | {
73 | public long Id { get; set; }
74 |
75 | public int PermitLimit { get; set; }
76 |
77 | public int QueueLimit { get; set; }
78 |
79 | public TimeSpan Window { get; set; }
80 |
81 | public List Clients { get; set; }
82 | }
83 |
84 | public class Client
85 | {
86 | public long Id { get; set; }
87 |
88 | public string Identifier { get; set; }
89 |
90 | public long RateLimitId { get; set; }
91 |
92 | public RateLimit RateLimit { get; set; }
93 | }
94 | }
95 |
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Migrations/20221113165632_DatabaseStructure.Designer.cs:
--------------------------------------------------------------------------------
1 | //
2 | using System;
3 | using Microsoft.EntityFrameworkCore;
4 | using Microsoft.EntityFrameworkCore.Infrastructure;
5 | using Microsoft.EntityFrameworkCore.Migrations;
6 | using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
7 | using RedisRateLimiting.Sample.AspNetCore.Database;
8 |
9 | #nullable disable
10 |
11 | namespace RedisRateLimiting.Sample.AspNetCore.Migrations
12 | {
13 | [DbContext(typeof(SampleDbContext))]
14 | [Migration("20221113165632_DatabaseStructure")]
15 | partial class DatabaseStructure
16 | {
17 | ///
18 | protected override void BuildTargetModel(ModelBuilder modelBuilder)
19 | {
20 | #pragma warning disable 612, 618
21 | modelBuilder.HasAnnotation("ProductVersion", "7.0.0");
22 |
23 | modelBuilder.Entity("RedisRateLimiting.Sample.AspNetCore.Database.Client", b =>
24 | {
25 | b.Property("Id")
26 | .ValueGeneratedOnAdd()
27 | .HasColumnType("INTEGER");
28 |
29 | b.Property("Identifier")
30 | .HasColumnType("TEXT");
31 |
32 | b.Property("RateLimitId")
33 | .HasColumnType("INTEGER");
34 |
35 | b.HasKey("Id");
36 |
37 | b.HasIndex("RateLimitId");
38 |
39 | b.ToTable("Clients");
40 |
41 | b.HasData(
42 | new
43 | {
44 | Id = 1L,
45 | Identifier = "client1",
46 | RateLimitId = 1L
47 | },
48 | new
49 | {
50 | Id = 2L,
51 | Identifier = "client2",
52 | RateLimitId = 2L
53 | },
54 | new
55 | {
56 | Id = 3L,
57 | Identifier = "client2",
58 | RateLimitId = 3L
59 | });
60 | });
61 |
62 | modelBuilder.Entity("RedisRateLimiting.Sample.AspNetCore.Database.RateLimit", b =>
63 | {
64 | b.Property("Id")
65 | .ValueGeneratedOnAdd()
66 | .HasColumnType("INTEGER");
67 |
68 | b.Property("PermitLimit")
69 | .HasColumnType("INTEGER");
70 |
71 | b.Property("QueueLimit")
72 | .HasColumnType("INTEGER");
73 |
74 | b.Property("Window")
75 | .HasColumnType("TEXT");
76 |
77 | b.HasKey("Id");
78 |
79 | b.ToTable("RateLimits");
80 |
81 | b.HasData(
82 | new
83 | {
84 | Id = 1L,
85 | PermitLimit = 1,
86 | QueueLimit = 0,
87 | Window = new TimeSpan(0, 0, 0, 1, 0)
88 | },
89 | new
90 | {
91 | Id = 2L,
92 | PermitLimit = 2,
93 | QueueLimit = 0,
94 | Window = new TimeSpan(0, 0, 0, 1, 0)
95 | },
96 | new
97 | {
98 | Id = 3L,
99 | PermitLimit = 10,
100 | QueueLimit = 0,
101 | Window = new TimeSpan(0, 0, 0, 1, 0)
102 | });
103 | });
104 |
105 | modelBuilder.Entity("RedisRateLimiting.Sample.AspNetCore.Database.Client", b =>
106 | {
107 | b.HasOne("RedisRateLimiting.Sample.AspNetCore.Database.RateLimit", "RateLimit")
108 | .WithMany("Clients")
109 | .HasForeignKey("RateLimitId")
110 | .OnDelete(DeleteBehavior.Cascade)
111 | .IsRequired();
112 |
113 | b.Navigation("RateLimit");
114 | });
115 |
116 | modelBuilder.Entity("RedisRateLimiting.Sample.AspNetCore.Database.RateLimit", b =>
117 | {
118 | b.Navigation("Clients");
119 | });
120 | #pragma warning restore 612, 618
121 | }
122 | }
123 | }
124 |
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Migrations/20221113165632_DatabaseStructure.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.EntityFrameworkCore.Migrations;
2 | using System.Diagnostics.CodeAnalysis;
3 |
4 | #nullable disable
5 |
6 | #pragma warning disable CA1814 // Prefer jagged arrays over multidimensional
7 |
8 | namespace RedisRateLimiting.Sample.AspNetCore.Migrations
9 | {
10 | ///
11 | [ExcludeFromCodeCoverage]
12 | public partial class DatabaseStructure : Migration
13 | {
14 | ///
15 | protected override void Up(MigrationBuilder migrationBuilder)
16 | {
17 | migrationBuilder.CreateTable(
18 | name: "RateLimits",
19 | columns: table => new
20 | {
21 | Id = table.Column(type: "INTEGER", nullable: false)
22 | .Annotation("Sqlite:Autoincrement", true),
23 | PermitLimit = table.Column(type: "INTEGER", nullable: false),
24 | QueueLimit = table.Column(type: "INTEGER", nullable: false),
25 | Window = table.Column(type: "TEXT", nullable: false)
26 | },
27 | constraints: table =>
28 | {
29 | table.PrimaryKey("PK_RateLimits", x => x.Id);
30 | });
31 |
32 | migrationBuilder.CreateTable(
33 | name: "Clients",
34 | columns: table => new
35 | {
36 | Id = table.Column(type: "INTEGER", nullable: false)
37 | .Annotation("Sqlite:Autoincrement", true),
38 | Identifier = table.Column(type: "TEXT", nullable: true),
39 | RateLimitId = table.Column(type: "INTEGER", nullable: false)
40 | },
41 | constraints: table =>
42 | {
43 | table.PrimaryKey("PK_Clients", x => x.Id);
44 | table.ForeignKey(
45 | name: "FK_Clients_RateLimits_RateLimitId",
46 | column: x => x.RateLimitId,
47 | principalTable: "RateLimits",
48 | principalColumn: "Id",
49 | onDelete: ReferentialAction.Cascade);
50 | });
51 |
52 | migrationBuilder.InsertData(
53 | table: "RateLimits",
54 | columns: new[] { "Id", "PermitLimit", "QueueLimit", "Window" },
55 | values: new object[,]
56 | {
57 | { 1L, 1, 0, new TimeSpan(0, 0, 0, 1, 0) },
58 | { 2L, 2, 0, new TimeSpan(0, 0, 0, 1, 0) },
59 | { 3L, 3, 0, new TimeSpan(0, 0, 0, 1, 0) }
60 | });
61 |
62 | migrationBuilder.InsertData(
63 | table: "Clients",
64 | columns: new[] { "Id", "Identifier", "RateLimitId" },
65 | values: new object[,]
66 | {
67 | { 1L, "client1", 1L },
68 | { 2L, "client2", 2L },
69 | { 3L, "client3", 3L }
70 | });
71 |
72 | migrationBuilder.CreateIndex(
73 | name: "IX_Clients_RateLimitId",
74 | table: "Clients",
75 | column: "RateLimitId");
76 | }
77 |
78 | ///
79 | protected override void Down(MigrationBuilder migrationBuilder)
80 | {
81 | migrationBuilder.DropTable(
82 | name: "Clients");
83 |
84 | migrationBuilder.DropTable(
85 | name: "RateLimits");
86 | }
87 | }
88 | }
89 |
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Migrations/SampleDbContextModelSnapshot.cs:
--------------------------------------------------------------------------------
1 | //
2 | using System;
3 | using Microsoft.EntityFrameworkCore;
4 | using Microsoft.EntityFrameworkCore.Infrastructure;
5 | using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
6 | using RedisRateLimiting.Sample.AspNetCore.Database;
7 |
8 | #nullable disable
9 |
10 | namespace RedisRateLimiting.Sample.AspNetCore.Migrations
11 | {
12 | [DbContext(typeof(SampleDbContext))]
13 | partial class SampleDbContextModelSnapshot : ModelSnapshot
14 | {
15 | protected override void BuildModel(ModelBuilder modelBuilder)
16 | {
17 | #pragma warning disable 612, 618
18 | modelBuilder.HasAnnotation("ProductVersion", "7.0.0");
19 |
20 | modelBuilder.Entity("RedisRateLimiting.Sample.AspNetCore.Database.Client", b =>
21 | {
22 | b.Property("Id")
23 | .ValueGeneratedOnAdd()
24 | .HasColumnType("INTEGER");
25 |
26 | b.Property("Identifier")
27 | .HasColumnType("TEXT");
28 |
29 | b.Property("RateLimitId")
30 | .HasColumnType("INTEGER");
31 |
32 | b.HasKey("Id");
33 |
34 | b.HasIndex("RateLimitId");
35 |
36 | b.ToTable("Clients");
37 |
38 | b.HasData(
39 | new
40 | {
41 | Id = 1L,
42 | Identifier = "client1",
43 | RateLimitId = 1L
44 | },
45 | new
46 | {
47 | Id = 2L,
48 | Identifier = "client2",
49 | RateLimitId = 2L
50 | },
51 | new
52 | {
53 | Id = 3L,
54 | Identifier = "client2",
55 | RateLimitId = 3L
56 | });
57 | });
58 |
59 | modelBuilder.Entity("RedisRateLimiting.Sample.AspNetCore.Database.RateLimit", b =>
60 | {
61 | b.Property("Id")
62 | .ValueGeneratedOnAdd()
63 | .HasColumnType("INTEGER");
64 |
65 | b.Property("PermitLimit")
66 | .HasColumnType("INTEGER");
67 |
68 | b.Property("QueueLimit")
69 | .HasColumnType("INTEGER");
70 |
71 | b.Property("Window")
72 | .HasColumnType("TEXT");
73 |
74 | b.HasKey("Id");
75 |
76 | b.ToTable("RateLimits");
77 |
78 | b.HasData(
79 | new
80 | {
81 | Id = 1L,
82 | PermitLimit = 1,
83 | QueueLimit = 0,
84 | Window = new TimeSpan(0, 0, 0, 1, 0)
85 | },
86 | new
87 | {
88 | Id = 2L,
89 | PermitLimit = 2,
90 | QueueLimit = 0,
91 | Window = new TimeSpan(0, 0, 0, 1, 0)
92 | },
93 | new
94 | {
95 | Id = 3L,
96 | PermitLimit = 10,
97 | QueueLimit = 0,
98 | Window = new TimeSpan(0, 0, 0, 1, 0)
99 | });
100 | });
101 |
102 | modelBuilder.Entity("RedisRateLimiting.Sample.AspNetCore.Database.Client", b =>
103 | {
104 | b.HasOne("RedisRateLimiting.Sample.AspNetCore.Database.RateLimit", "RateLimit")
105 | .WithMany("Clients")
106 | .HasForeignKey("RateLimitId")
107 | .OnDelete(DeleteBehavior.Cascade)
108 | .IsRequired();
109 |
110 | b.Navigation("RateLimit");
111 | });
112 |
113 | modelBuilder.Entity("RedisRateLimiting.Sample.AspNetCore.Database.RateLimit", b =>
114 | {
115 | b.Navigation("Clients");
116 | });
117 | #pragma warning restore 612, 618
118 | }
119 | }
120 | }
121 |
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Program.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.EntityFrameworkCore;
2 | using RedisRateLimiting.AspNetCore;
3 | using RedisRateLimiting.Sample.AspNetCore.Database;
4 | using RedisRateLimiting.Sample.Samples;
5 | using StackExchange.Redis;
6 |
7 | var builder = WebApplication.CreateBuilder(args);
8 |
9 | builder.Services.AddDbContext();
10 |
11 | var redisOptions = ConfigurationOptions.Parse(builder.Configuration.GetConnectionString("Redis")!);
12 | var connectionMultiplexer = ConnectionMultiplexer.Connect(redisOptions);
13 |
14 | builder.Services.AddSingleton(sp => connectionMultiplexer);
15 |
16 | builder.Services.AddRateLimiter(options =>
17 | {
18 | options.AddRedisConcurrencyLimiter("demo_concurrency_queue", (opt) =>
19 | {
20 | opt.ConnectionMultiplexerFactory = () => connectionMultiplexer;
21 | opt.PermitLimit = 2;
22 | opt.QueueLimit = 3;
23 | });
24 |
25 | options.AddRedisConcurrencyLimiter("demo_concurrency", (opt) =>
26 | {
27 | opt.ConnectionMultiplexerFactory = () => connectionMultiplexer;
28 | opt.PermitLimit = 2;
29 | });
30 |
31 | options.AddRedisTokenBucketLimiter("demo_token_bucket", (opt) =>
32 | {
33 | opt.ConnectionMultiplexerFactory = () => connectionMultiplexer;
34 | opt.TokenLimit = 2;
35 | opt.TokensPerPeriod = 1;
36 | opt.ReplenishmentPeriod = TimeSpan.FromSeconds(2);
37 | });
38 |
39 | options.AddRedisFixedWindowLimiter("demo_fixed_window", (opt) =>
40 | {
41 | opt.ConnectionMultiplexerFactory = () => connectionMultiplexer;
42 | opt.PermitLimit = 1;
43 | opt.Window = TimeSpan.FromSeconds(2);
44 | });
45 |
46 | options.AddRedisSlidingWindowLimiter("demo_sliding_window", (opt) =>
47 | {
48 | opt.ConnectionMultiplexerFactory = () => connectionMultiplexer;
49 | opt.PermitLimit = 1;
50 | opt.Window = TimeSpan.FromSeconds(2);
51 | });
52 |
53 | options.AddPolicy("demo_client_id");
54 |
55 | options.OnRejected = (context, ct) => RateLimitMetadata.OnRejected(context.HttpContext, context.Lease, ct);
56 | });
57 |
58 | builder.Services.AddControllers();
59 | builder.Services.AddEndpointsApiExplorer();
60 | builder.Services.AddSwaggerGen();
61 |
62 | var app = builder.Build();
63 |
64 | app.UseRateLimiter();
65 |
66 | if (app.Environment.IsDevelopment())
67 | {
68 | app.UseSwagger();
69 | app.UseSwaggerUI();
70 | }
71 |
72 | app.UseHttpsRedirection();
73 |
74 | app.UseAuthorization();
75 | app.MapControllers();
76 |
77 |
78 | using var scope = app.Services.CreateScope();
79 | var dbContext = scope.ServiceProvider.GetRequiredService();
80 | dbContext.Database.EnsureCreated();
81 |
82 | app.Run();
83 |
84 |
85 |
86 | // Hack: make the implicit Program class public so test projects can access it
87 | public partial class Program
88 | {
89 | protected Program() { }
90 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Properties/launchSettings.json:
--------------------------------------------------------------------------------
1 | {
2 | "$schema": "https://json.schemastore.org/launchsettings.json",
3 | "iisSettings": {
4 | "windowsAuthentication": false,
5 | "anonymousAuthentication": true,
6 | "iisExpress": {
7 | "applicationUrl": "http://localhost:56057",
8 | "sslPort": 44384
9 | }
10 | },
11 | "profiles": {
12 | "RedisRateLimitingSample": {
13 | "commandName": "Project",
14 | "dotnetRunMessages": true,
15 | "launchBrowser": true,
16 | "launchUrl": "swagger",
17 | "applicationUrl": "https://localhost:7255;http://localhost:5255",
18 | "environmentVariables": {
19 | "ASPNETCORE_ENVIRONMENT": "Development"
20 | }
21 | },
22 | "IIS Express": {
23 | "commandName": "IISExpress",
24 | "launchBrowser": true,
25 | "launchUrl": "swagger",
26 | "environmentVariables": {
27 | "ASPNETCORE_ENVIRONMENT": "Development"
28 | }
29 | }
30 | }
31 | }
32 |
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/RedisRateLimiting.Sample.AspNetCore.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | net8.0
5 | enable
6 | enable
7 |
8 |
9 |
10 |
11 | all
12 | runtime; build; native; contentfiles; analyzers; buildtransitive
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/Samples/ClientIdRateLimiterPolicy.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.RateLimiting;
2 | using RedisRateLimiting.Sample.AspNetCore.Database;
3 | using StackExchange.Redis;
4 | using System.Threading.RateLimiting;
5 |
6 | namespace RedisRateLimiting.Sample.Samples
7 | {
8 | public class ClientIdRateLimiterPolicy : IRateLimiterPolicy
9 | {
10 | private readonly Func? _onRejected;
11 | private readonly IConnectionMultiplexer _connectionMultiplexer;
12 | private readonly IServiceProvider _serviceProvider;
13 | private readonly ILogger _logger;
14 |
15 | public ClientIdRateLimiterPolicy(
16 | IConnectionMultiplexer connectionMultiplexer,
17 | IServiceProvider serviceProvider,
18 | ILogger logger)
19 | {
20 | _serviceProvider = serviceProvider;
21 | _connectionMultiplexer = connectionMultiplexer;
22 | _logger = logger;
23 | _onRejected = (context, token) =>
24 | {
25 | context.HttpContext.Response.StatusCode = 429;
26 | return ValueTask.CompletedTask;
27 | };
28 | }
29 |
30 | public Func? OnRejected { get => _onRejected; }
31 |
32 | public RateLimitPartition GetPartition(HttpContext httpContext)
33 | {
34 | var clientId = httpContext.Request.Headers["X-ClientId"].ToString();
35 |
36 | using var scope = _serviceProvider.CreateScope();
37 | var dbContext = scope.ServiceProvider.GetRequiredService();
38 |
39 | var rateLimit = dbContext.Clients.Where(x => x.Identifier == clientId).Select(x => x.RateLimit).FirstOrDefault();
40 |
41 | var permitLimit = rateLimit?.PermitLimit ?? 1;
42 |
43 | _logger.LogInformation("Client: {clientId} PermitLimit: {permitLimit}", clientId, permitLimit);
44 |
45 | return RedisRateLimitPartition.GetConcurrencyRateLimiter(clientId, key => new RedisConcurrencyRateLimiterOptions
46 | {
47 | PermitLimit = permitLimit,
48 | QueueLimit = rateLimit?.QueueLimit ?? 0,
49 | ConnectionMultiplexerFactory = () => _connectionMultiplexer,
50 | });
51 | }
52 | }
53 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/WeatherForecast.cs:
--------------------------------------------------------------------------------
1 | namespace RedisRateLimiting.Sample
2 | {
3 | public class WeatherForecast
4 | {
5 | public DateTime Date { get; set; }
6 |
7 | public int TemperatureC { get; set; }
8 |
9 | public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);
10 |
11 | public string? Summary { get; set; }
12 | }
13 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/appsettings.Development.json:
--------------------------------------------------------------------------------
1 | {
2 | "Logging": {
3 | "LogLevel": {
4 | "Default": "Information",
5 | "Microsoft.AspNetCore": "Warning"
6 | }
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Sample.AspNetCore/appsettings.json:
--------------------------------------------------------------------------------
1 | {
2 | "Logging": {
3 | "LogLevel": {
4 | "Default": "Information",
5 | "Microsoft.AspNetCore": "Warning"
6 | }
7 | },
8 | "ConnectionStrings": {
9 | "Redis": ",abortConnect=False"
10 | },
11 | "AllowedHosts": "*"
12 | }
13 |
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Tests/ClientIdPolicyIntegrationTests.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Mvc.Testing;
2 | using RedisRateLimiting.AspNetCore;
3 | using System.Net;
4 | using Xunit;
5 |
6 | #pragma warning disable xUnit1031 // Do not use blocking task operations in test method
7 | namespace RedisRateLimiting.Tests
8 | {
9 | [Collection("Seq")]
10 | public class ClientIdPolicyIntegrationTests : IClassFixture>
11 | {
12 | private readonly HttpClient _httpClient;
13 | private readonly string _apiPath = "/clients";
14 |
15 | public ClientIdPolicyIntegrationTests(WebApplicationFactory factory)
16 | {
17 | _httpClient = factory.CreateClient(options: new WebApplicationFactoryClientOptions
18 | {
19 | BaseAddress = new Uri("https://localhost:7255"),
20 | });
21 | }
22 |
23 | [Theory]
24 | [InlineData("client1", 1)]
25 | [InlineData("client2", 2)]
26 | [InlineData("client3", 3)]
27 | [InlineData("clientX", 1)]
28 | public async Task GetRequestsEnforceLimit(string clientId, int permitLimit)
29 | {
30 | var tasks = new List>();
31 | var extra = 2;
32 |
33 | for (var i = 0; i < permitLimit + extra; i++)
34 | {
35 | tasks.Add(MakeRequestAsync(clientId));
36 | }
37 |
38 | await Task.WhenAll(tasks);
39 |
40 | Assert.Equal(permitLimit, tasks.Count(x => x.Result.StatusCode == HttpStatusCode.OK));
41 | Assert.Equal(extra, tasks.Count(x => x.Result.StatusCode == HttpStatusCode.TooManyRequests));
42 | }
43 |
44 | private async Task MakeRequestAsync(string clientId)
45 | {
46 | using var request = new HttpRequestMessage(new HttpMethod("GET"), _apiPath);
47 | request.Headers.Add("X-ClientId", clientId);
48 |
49 | using var response = await _httpClient.SendAsync(request);
50 |
51 | var rateLimitResponse = new RateLimitResponse
52 | {
53 | StatusCode = response.StatusCode,
54 | };
55 |
56 | if (response.Headers.TryGetValues(RateLimitHeaders.Limit, out var valuesLimit)
57 | && long.TryParse(valuesLimit.FirstOrDefault(), out var limit))
58 | {
59 | rateLimitResponse.Limit = limit;
60 | }
61 |
62 | if (response.Headers.TryGetValues(RateLimitHeaders.Remaining, out var valuesRemaining)
63 | && long.TryParse(valuesRemaining.FirstOrDefault(), out var remaining))
64 | {
65 | rateLimitResponse.Remaining = remaining;
66 | }
67 |
68 | return rateLimitResponse;
69 | }
70 |
71 | private sealed class RateLimitResponse
72 | {
73 | public HttpStatusCode StatusCode { get; set; }
74 |
75 | public long? Limit { get; set; }
76 |
77 | public long? Remaining { get; set; }
78 | }
79 | }
80 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Tests/ConcurrencyIntegrationTests.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Mvc.Testing;
2 | using RedisRateLimiting.AspNetCore;
3 | using System.Net;
4 | using Xunit;
5 |
6 | #pragma warning disable xUnit1031 // Do not use blocking task operations in test method
7 | namespace RedisRateLimiting.Tests
8 | {
9 | [Collection("Seq")]
10 | public class ConcurrencyIntegrationTests : IClassFixture>
11 | {
12 | private readonly HttpClient _httpClient;
13 | private readonly string _apiPath = "/concurrency";
14 | private readonly string _apiPathQueue = "/concurrency/queue";
15 |
16 | public ConcurrencyIntegrationTests(WebApplicationFactory factory)
17 | {
18 | _httpClient = factory.CreateClient(options: new WebApplicationFactoryClientOptions
19 | {
20 | BaseAddress = new Uri("https://localhost:7255")
21 | });
22 | }
23 |
24 | [Fact]
25 | public async Task GetRequestsEnforceLimit()
26 | {
27 | var tasks = new List>();
28 |
29 | for (var i = 0; i < 5; i++)
30 | {
31 | tasks.Add(MakeRequestAsync(_apiPath));
32 | }
33 |
34 | await Task.WhenAll(tasks);
35 |
36 | Assert.Equal(3, tasks.Count(x => x.Result.StatusCode == HttpStatusCode.TooManyRequests));
37 | Assert.Equal(3, tasks.Count(x => x.Result.Limit == 2));
38 | Assert.Equal(3, tasks.Count(x => x.Result.Remaining == 0));
39 |
40 | await Task.Delay(1000);
41 |
42 | var response = await MakeRequestAsync(_apiPath);
43 | Assert.Equal(HttpStatusCode.OK, response.StatusCode);
44 |
45 | // Find a way to send rate limit headers when request is successful as well
46 | Assert.Null(response.Limit);
47 | Assert.Null(response.Remaining);
48 | }
49 |
50 | [Fact]
51 | public async Task GetQueuedRequests()
52 | {
53 | var tasks = new List>();
54 |
55 | for (var i = 0; i < 5; i++)
56 | {
57 | tasks.Add(MakeRequestAsync(_apiPathQueue));
58 | }
59 |
60 | await Task.WhenAll(tasks);
61 |
62 | Assert.Equal(5, tasks.Count(x => x.Result.StatusCode == HttpStatusCode.OK));
63 | }
64 |
65 | private async Task MakeRequestAsync(string path)
66 | {
67 | using var request = new HttpRequestMessage(new HttpMethod("GET"), path);
68 | using var response = await _httpClient.SendAsync(request);
69 |
70 | var rateLimitResponse = new RateLimitResponse
71 | {
72 | StatusCode = response.StatusCode,
73 | };
74 |
75 | if (response.Headers.TryGetValues(RateLimitHeaders.Limit, out var valuesLimit)
76 | && long.TryParse(valuesLimit.FirstOrDefault(), out var limit))
77 | {
78 | rateLimitResponse.Limit = limit;
79 | }
80 |
81 | if (response.Headers.TryGetValues(RateLimitHeaders.Remaining, out var valuesRemaining)
82 | && long.TryParse(valuesRemaining.FirstOrDefault(), out var remaining))
83 | {
84 | rateLimitResponse.Remaining = remaining;
85 | }
86 |
87 | return rateLimitResponse;
88 | }
89 |
90 | private sealed class RateLimitResponse
91 | {
92 | public HttpStatusCode StatusCode { get; set; }
93 |
94 | public long? Limit { get; set; }
95 |
96 | public long? Remaining { get; set; }
97 | }
98 | }
99 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Tests/FixedWindowIntegrationTests.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.AspNetCore.Mvc.Testing;
2 | using RedisRateLimiting.AspNetCore;
3 | using System.Net;
4 | using Xunit;
5 |
6 | namespace RedisRateLimiting.Tests
7 | {
8 | [Collection("Seq")]
9 | public class FixedWindowIntegrationTests : IClassFixture>
10 | {
11 | private readonly HttpClient _httpClient;
12 | private readonly string _apiPath = "/fixedwindow";
13 |
14 | public FixedWindowIntegrationTests(WebApplicationFactory factory)
15 | {
16 | _httpClient = factory.CreateClient(options: new WebApplicationFactoryClientOptions
17 | {
18 | BaseAddress = new Uri("https://localhost:7255")
19 | });
20 | }
21 |
22 | [Fact]
23 | public async Task GetRequestsEnforceLimit()
24 | {
25 | var response = await MakeRequestAsync();
26 | Assert.Equal(HttpStatusCode.OK, response.StatusCode);
27 |
28 | response = await MakeRequestAsync();
29 | Assert.Equal(HttpStatusCode.TooManyRequests, response.StatusCode);
30 | Assert.Equal(1, response.Limit);
31 | Assert.Equal(0, response.Remaining);
32 | Assert.NotNull(response.RetryAfter);
33 |
34 | await Task.Delay(1000 * (response.RetryAfter.Value + 1));
35 |
36 | response = await MakeRequestAsync();
37 | Assert.Equal(HttpStatusCode.OK, response.StatusCode);
38 | }
39 |
40 | private async Task MakeRequestAsync()
41 | {
42 | using var request = new HttpRequestMessage(new HttpMethod("GET"), _apiPath);
43 | using var response = await _httpClient.SendAsync(request);
44 |
45 | var rateLimitResponse = new RateLimitResponse
46 | {
47 | StatusCode = response.StatusCode,
48 | };
49 |
50 | if (response.Headers.TryGetValues(RateLimitHeaders.Limit, out var valuesLimit)
51 | && long.TryParse(valuesLimit.FirstOrDefault(), out var limit))
52 | {
53 | rateLimitResponse.Limit = limit;
54 | }
55 |
56 | if (response.Headers.TryGetValues(RateLimitHeaders.Remaining, out var valuesRemaining)
57 | && long.TryParse(valuesRemaining.FirstOrDefault(), out var remaining))
58 | {
59 | rateLimitResponse.Remaining = remaining;
60 | }
61 |
62 | if (response.Headers.TryGetValues(RateLimitHeaders.RetryAfter, out var valuesRetryAfter)
63 | && int.TryParse(valuesRetryAfter.FirstOrDefault(), out var retryAfter))
64 | {
65 | rateLimitResponse.RetryAfter = retryAfter;
66 | }
67 |
68 | return rateLimitResponse;
69 | }
70 |
71 | private sealed class RateLimitResponse
72 | {
73 | public HttpStatusCode StatusCode { get; set; }
74 |
75 | public long? Limit { get; set; }
76 |
77 | public long? Remaining { get; set; }
78 |
79 | public int? RetryAfter { get; set; }
80 | }
81 | }
82 | }
--------------------------------------------------------------------------------
/test/RedisRateLimiting.Tests/Helpers/AssertExtensions.cs:
--------------------------------------------------------------------------------
1 | using Xunit;
2 |
3 | namespace RedisRateLimiting.Tests
4 | {
5 | public static class AssertExtensions
6 | {
7 | public static T Throws(string expectedParamName, Func