DEV Community

Cover image for How to implement rate limit in your server app?
Khushi Patel
Khushi Patel

Posted on

How to implement rate limit in your server app?

what is rate limit ?

Rate limiting is a strategy to limit the number of requests that a client can make to an API within a specific time frame.

rate limit

why we need rate limit ?

some time user make multiple request to the server in a short period of time, which can cause server to slow down or crash. To prevent this we need rate limit.
example:
your server can handle 100 request per second, but if a spam user make 50+ request in a second, then it can cause server to overwhlem and slow down so genuan user will also face the issue.
to prevent this we add one layer of rate limit, which will allow only 10 request per second to a user, so if a spam user make 50+ request in a second, then only 10 request will be processed and rest will be rejected.
you throw error with status code 429, which means too many request.

How to implement rate limit ?

there are many ways to handle rate limit, two of them are:
1. token bucket algorithm
2. leaky bucket algorithm

1. token bucket algorithm:

Here you have server which handle 100 request per second, so you will create a bucket with 100 token, and you will allow only 1 request per token.
so if a user make a request, then you will check if there is token in the bucket, if yes then you will process the request and remove the token from the bucket.
as request is processed, you will add the token in the bucket.
if there is no token in the bucket, then you will reject the request with status code 429.

leaky bucket algorithm
example:
Real world example of token bucket is customer service center, where customer are calling to the customer service center, and customer service center can handle only 10 call at a time by giving 1 token to 1 user, so if 11th customer call, then he will be put in the queue, and once one customer call is completed, then next customer will be allowed to call.

drawback:
if some greedy client make 100 request in a second, then he will get 100 token, and he can make 100 request in a second, and then genuine user will face the issue.

2. leaky bucket algorithm:

Assume it has you have one bucket which have one small hole in the bottom, and you are filling the bucket with water, and water is leaking from the hole ,can i say that water is leaking at a constant rate, so if you fill the bucket with water at a constant rate, then water will never overflow.

leaky bucket algorithm
so in the leaky bucket algorithm, allows limited number of request in a specific time frame, and if request are coming at a faster rate, then it will reject the request with status code 429.
example:
Real world example YouTube's message queue system receives video uploads from users and processes them in a controlled manner. The leaky bucket algorithm helps to regulate the flow of incoming videos and ensures that the video processing system can handle the incoming requests efficiently.

drawback:
Limited flexibility in adjusting to varying traffic patterns

Top comments (2)

Collapse
 
dev-team profile image
DevTeam

👍

Collapse
 
margish288 profile image
Margish Patel

really informative post