Realms¶

All views in the same realm are considered equally in terms of rate limiting. This allows you to rate-limit access to a collection of views as a whole, such as an API or registration process.

Each realm can have its own duration, limit, respones code/message, and allowed list. If not specified for a realm, these will fall back to the global defaults.

Config¶

Each Realm is configured by a dict with any of the following keys:

duration:

Duration (in seconds) for which the rate limiting applies.
If not specified, this defaults to RATED_DEFAULT_DURATION

limit:

Maximum requets allowed from a single client in the duration.
If not specified, this defaults to RATED_DEFAULT_LIMIT

code:

The HTTP Status code to use when a request is rate limited.
If not specified, this defaults to RATED_DEFAULT_CODE

message:

The content to include in responses for rate limited requests.
If not specified, this defaults to RATED_DEFAULT_MESSAGE

allowed:

A list of IPs of clients exempt from rate limiting in this realm.
If not specified, this defaults to RATED_DEFAULT_ALLOWED.

Example¶

RATED_REALMS = {
    # Limit access to the 'user_api' Realm to 10 requests in the last half hour.
    'user_api': {
        'limit': 10,
        'duration': 60 * 30,
    },
    # Return a 501 response when limited
    'signup': { 'code': 501 },
}

Realms¶

Config¶

Example¶

Table of Contents

Previous topic

Next topic

This Page