implement rate limit

[Benjtalkshow]

Resolves #148

Rate Limiting Implementation

This pull request implements rate limiting for the API endpoints in the project using Upstash Redis. The implementation ensures that users are limited in the number of requests they can make to the API within a specified time frame.

Files and Folders Created

• src/middleware.ts:

  • This file contains the rate limiting middleware that checks the number of requests made by each IP address and enforces the rate limit.

• src/lib/redis.ts:

  • This file sets up the Redis client using Upstash Redis, allowing the middleware to store and retrieve rate limit data.

• src/scripts/test-rate-limit.ts:

  • This script is used to test the rate limiting implementation locally by making multiple requests to the API endpoints.

• src/types/redis.d.ts

Rate Limit Configuration

• Rate Limit: 20 requests
• Interval: 10 seconds

This means that each IP address is allowed to make up to 20 requests within a 10-second window. After exceeding this limit, further requests will receive a 429 status until the window resets.

Testing the Implementation Locally

1. Set Up Environment Variables:
   Create a .env.local file in the root of the project and add the following variables:

   UPSTASH_REDIS_REST_URL=https://your-upstash-redis-url
   UPSTASH_REDIS_REST_TOKEN=your-upstash-redis-token
   # Rate limiting configuration
   RATE_LIMIT_REQUESTS=50
   RATE_LIMIT_WINDOW=60 s
   

2. Run the Development Server:
   Start the local development server:

   yarn dev

3. Test the Rate Limiting:
   Run the rate limit test script to verify the implementation:

   yarn ts-node --project tsconfig.server.json src/scripts/test-rate-limit.ts

Live Demo

Result

Finally

This implementation provides a robust rate limiting solution for the API, ensuring fair usage and preventing abuse. Please review the changes and let me know if you have any questions or feedback.
This implementation works both in Development and Production. Check your console on production.

Checklist before requesting a review

• I have performed a self-review of my code
• I assure there is no similar/duplicate pull request regarding same issue
• My PR passes all checks (build, lint, formatting, etc)

[Benjtalkshow]

@akiraonstarknet
Please review

[EjembiEmmanuel]

@Benjtalkshow please deploy on vercel and include the deployment link in the description

[EjembiEmmanuel]

use env variables to configure tokens and window arguments with a fallback to the default values.

[EjembiEmmanuel]

Include rate-limiting details in response headers (X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset), as clients may rely on headers instead of JSON for such information

[Benjtalkshow]

@EjembiEmmanuel
https://starkfarm-client-blue.vercel.app/

[EjembiEmmanuel]

@akiraonstarknet lgtm, over to you

[Benjtalkshow]

@akiraonstarknet
Will you still merge this code?