In this tutorial, you will learn how to rate limit requests to your Flask API to avoid users from hogging your resources.
First, create a simple Flask API
from flask import Flask
app = Flask('app')
@app.route('/')
def hello_world():
return 'Hello, World!'
app.run(host='0.0.0.0', port=8080)
It has a single endpoint that returns the string Hello World
. We will add a limit of a maximum of 5 requests per minute on this endpoint.
First, install the library flask_limiter
pip3 install flask_limiter
Next, update your Flask API with these couple of lines (Line #2 and Line #5)
from flask import Flask
from flask_limiter import Limiter,util
app = Flask('app')
limiter = Limiter( app, key_func=util.get_remote_address,default_limits=["5 per minute"])
@app.route('/')
def hello_world():
return 'Hello, World!'
app.run(host='0.0.0.0', port=8080)
By default, all your endpoints will have a limit of max of 5 requests per minute. You can specify different limits in a similar string format
{number_of_requests} per {time_metric=second||minute||hours||day}
Adding Multiple Rate Limits
When creating an instance of Limiter
, you can add multiple rate limits like below
limiter = Limiter( app,
key_func=util.get_remote_address,
default_limits=[
"5 per minute",
"50 per hour",
"200 per day"
])
Override the default rate limit or add an additional rate limit to a specific endpoint
@app.route('/customEndpoint1')
@limiter.limit('2 per minute',override_defaults = True)
def custom1():
return 'This endpoint has a rate-limit of 2 per minute'
The parameter override_defaults
is a boolean. If it is set to True, only the limit specified above the endpoint will be enforced. If it is set to False, the limit specified above the endpoint will be added to the default rate limit.
How to not enforce rate limits on specific endpoints
@app.route('/customEndpoint2')
@limiter.exempt
def custom2():
return 'This endpoint has no rate limit, make as many requests as you want'
Flask API with Rate Limiting
Below is the complete code with 4 endpoints
from flask import Flask
from flask_limiter import Limiter,util
app = Flask('app')
limiter = Limiter( app, key_func=util.get_remote_address,default_limits=["5 per minute"])
# Default Rate-Limit
@app.route('/')
def hello_world():
return 'Hello, World!'
# Rate Limit of 2 per minute
@app.route('/customEndpoint1')
@limiter.limit('2 per minute',override_defaults = True)
def custom1():
return 'This endpoint has a rate-limit of 2 per minute'
# No Rate Limit
@app.route('/customEndpoint2')
@limiter.exempt
def custom2():
return 'This endpoint has no rate limit, make as many requests as you want'
# Rate Limit of 10 per hour on top of Default Rate Limit
@app.route('/customEndpoint3')
@limiter.limit('10 per hour',override_defaults = False)
def custom3():
return 'This endpoint has a rate-limit of 10 per hour and 5 per minute'
app.run(host='0.0.0.0', port=8080)
Conclusion
I hope you found this short tutorial helpful. Check out this article if you are interested in learning how to send/receive data in Flask.