sparckles · IdoKendo · Jun 11, 2023 · Jun 15, 2023 · Jun 15, 2023 · Jun 15, 2023
diff --git a/clippy.toml b/clippy.toml
@@ -0,0 +1 @@
+too-many-arguments-threshold = 8
diff --git a/docs/env-variables.md b/docs/env-variables.md
@@ -30,3 +30,10 @@ To configure the max payload size, you can set the `ROBYN_MAX_PAYLOAD_SIZE` envi
 ROBYN_MAX_PAYLOAD_SIZE=1000000
 ```
 
+To configure the cache retention period, you can set the `ROBYN_CACHE_RETENTION` environment variable. The default value is `60` seconds.
+
+```bash
+#robyn.env
+ROBYN_MAX_PAYLOAD_SIZE=60
+```
+
diff --git a/docs/features.md b/docs/features.md
@@ -603,3 +603,25 @@ def hello():
 
 app.include_router(sub_router)
 ```
+
+## Rate limiting
+
+Robyn provides built-in rate limiting functionality, allowing you to control the frequency of requests made to the API.
+
+By implementing rate limiting, you can manage resource consumption, prevent abuse, and maintain system stability, ensuring a smooth and reliable user experience.
+
+In order to the rate limiter to properly identify users, a `Request` object must be defined as an input parameter for the route.
+
+```python
+from robyn import Robyn, RateLimiter
+
+app = Robyn(__file__)
+
+rate_limiter = RateLimiter(calls_limit=3, limit_ttl=60)
+
+@app.get("/throttled_route", rate_limiter=rate_limiter)
+def throttled_route(request: Request):
+    return "OK"
+```
+
+In this example the limit for `/throttled_route` is 3 calls per 1 minutes (60 seconds)
diff --git a/integration_tests/base_routes.py b/integration_tests/base_routes.py
@@ -7,6 +7,7 @@
 from robyn import WS, Robyn, Request, Response, jsonify, serve_file, serve_html
 from robyn.authentication import AuthenticationHandler, BearerGetter, Identity
 from robyn.templating import JinjaTemplate
+from robyn.throttling import RateLimiter
 
 from integration_tests.views import SyncView, AsyncView
 from integration_tests.subroutes import sub_router
@@ -711,6 +712,41 @@ async def async_auth(request: Request):
     return "authenticated"
 
 
+# ===== Rate Limiting ====
+
+rate_limiter = RateLimiter(calls_limit=3, limit_ttl=60)
+
+
+@app.get("/sync/rate/get", rate_limiter=rate_limiter)
+def sync_rate_get(request: Request):
+    return "OK"
+
+
+@app.get("/async/rate/get", rate_limiter=rate_limiter)
+async def async_rate_get(request: Request):
+    return "OK"
+
+
+@app.put("/sync/rate/put", rate_limiter=rate_limiter)
+def sync_rate_put(request: Request):
+    return "OK"
+
+
+@app.put("/async/rate/put", rate_limiter=rate_limiter)
+async def async_rate_put(request: Request):
+    return "OK"
+
+
+@app.post("/sync/rate/post", rate_limiter=rate_limiter)
+def sync_rate_post(request: Request):
+    return "OK"
+
+
+@app.post("/async/rate/post", rate_limiter=rate_limiter)
+async def async_rate_post(request: Request):
+    return "OK"
+
+
 # ===== Main =====
 
 

diff --git a/integration_tests/conftest.py b/integration_tests/conftest.py
@@ -116,6 +116,17 @@ def test_session():
     kill_process(process)
 
 
+@pytest.fixture
+def test_rate_limiting_session():
+    domain = "127.0.0.1"
+    port = 8082
+    os.environ["ROBYN_URL"] = domain
+    os.environ["ROBYN_PORT"] = str(port)
+    process = start_server(domain, port, is_dev=True)
+    yield
+    kill_process(process)
+
+
 # create robyn.env before test and delete it after test
 @pytest.fixture
 def env_file():

diff --git a/integration_tests/helpers/http_methods_helpers.py b/integration_tests/helpers/http_methods_helpers.py
@@ -22,6 +22,8 @@ def get(
     expected_status_code: int = 200,
     headers: dict = {},
     should_check_response: bool = True,
+    *,
+    base_url: str = BASE_URL,
 ) -> requests.Response:
     """
     Makes a GET request to the given endpoint and checks the response.
@@ -32,7 +34,7 @@ def get(
     should_check_response bool: A boolean to indicate if the status code and headers should be checked.
     """
     endpoint = endpoint.strip("/")
-    response = requests.get(f"{BASE_URL}/{endpoint}", headers=headers)
+    response = requests.get(f"{base_url}/{endpoint}", headers=headers)
     if should_check_response:
         check_response(response, expected_status_code)
     return response
@@ -44,6 +46,8 @@ def post(
     expected_status_code: int = 200,
     headers: dict = {},
     should_check_response: bool = True,
+    *,
+    base_url: str = BASE_URL,
 ) -> requests.Response:
     """
     Makes a POST request to the given endpoint and checks the response.
@@ -55,7 +59,7 @@ def post(
     """
 
     endpoint = endpoint.strip("/")
-    response = requests.post(f"{BASE_URL}/{endpoint}", data=data, headers=headers)
+    response = requests.post(f"{base_url}/{endpoint}", data=data, headers=headers)
     if should_check_response:
         check_response(response, expected_status_code)
     return response
@@ -67,6 +71,8 @@ def put(
     expected_status_code: int = 200,
     headers: dict = {},
     should_check_response: bool = True,
+    *,
+    base_url: str = BASE_URL,
 ) -> requests.Response:
     """
     Makes a PUT request to the given endpoint and checks the response.
@@ -78,7 +84,7 @@ def put(
     """
 
     endpoint = endpoint.strip("/")
-    response = requests.put(f"{BASE_URL}/{endpoint}", data=data, headers=headers)
+    response = requests.put(f"{base_url}/{endpoint}", data=data, headers=headers)
     if should_check_response:
         check_response(response, expected_status_code)
     return response
@@ -90,6 +96,8 @@ def patch(
     expected_status_code: int = 200,
     headers: dict = {},
     should_check_response: bool = True,
+    *,
+    base_url: str = BASE_URL,
 ) -> requests.Response:
     """
     Makes a PATCH request to the given endpoint and checks the response.
@@ -101,7 +109,7 @@ def patch(
     """
 
     endpoint = endpoint.strip("/")
-    response = requests.patch(f"{BASE_URL}/{endpoint}", data=data, headers=headers)
+    response = requests.patch(f"{base_url}/{endpoint}", data=data, headers=headers)
     if should_check_response:
         check_response(response, expected_status_code)
     return response
@@ -113,6 +121,8 @@ def delete(
     expected_status_code: int = 200,
     headers: dict = {},
     should_check_response: bool = True,
+    *,
+    base_url: str = BASE_URL,
 ) -> requests.Response:
     """
     Makes a DELETE request to the given endpoint and checks the response.
@@ -124,7 +134,7 @@ def delete(
     """
 
     endpoint = endpoint.strip("/")
-    response = requests.delete(f"{BASE_URL}/{endpoint}", data=data, headers=headers)
+    response = requests.delete(f"{base_url}/{endpoint}", data=data, headers=headers)
     if should_check_response:
         check_response(response, expected_status_code)
     return response
@@ -136,6 +146,8 @@ def head(
     expected_status_code: int = 200,
     headers: dict = {},
     should_check_response: bool = True,
+    *,
+    base_url: str = BASE_URL,
 ) -> requests.Response:
     """
     Makes a HEAD request to the given endpoint and checks the response.
@@ -147,7 +159,7 @@ def head(
     """
 
     endpoint = endpoint.strip("/")
-    response = requests.head(f"{BASE_URL}/{endpoint}", data=data, headers=headers)
+    response = requests.head(f"{base_url}/{endpoint}", data=data, headers=headers)
     if should_check_response:
         check_response(response, expected_status_code)
     return response
@@ -162,6 +174,8 @@ def generic_http_helper(
     expected_status_code: int = 200,
     headers: dict = {},
     should_check_response: bool = True,
+    *,
+    base_url: str = BASE_URL,
 ) -> requests.Response:
     """
     Makes a request to the given endpoint and checks the response.
@@ -178,10 +192,10 @@ def generic_http_helper(
             f"{method} method must be one of get, post, put, patch, delete"
         )
     if method == "get":
-        response = requests.get(f"{BASE_URL}/{endpoint}", headers=headers)
+        response = requests.get(f"{base_url}/{endpoint}", headers=headers)
     else:
         response = requests.request(
-            method, f"{BASE_URL}/{endpoint}", data=data, headers=headers
+            method, f"{base_url}/{endpoint}", data=data, headers=headers
         )
     if should_check_response:
         check_response(response, expected_status_code)

diff --git a/integration_tests/test_rate_limiting.py b/integration_tests/test_rate_limiting.py
@@ -0,0 +1,31 @@
+from collections.abc import Callable
+import pytest
+from helpers.http_methods_helpers import get, post, put
+
+
+@pytest.mark.benchmark
+@pytest.mark.parametrize(
+    "route,method",
+    [
+        ("/sync/rate/get", get),
+        ("/async/rate/get", get),
+        ("/sync/rate/put", put),
+        ("/async/rate/put", put),
+        ("/sync/rate/post", post),
+        ("/async/rate/post", post),
+    ],
+)
+def test_throttling(
+    route: str,
+    method: Callable,
+    test_rate_limiting_session,
+):
+    BASE_URL = "http://127.0.0.1:8082"
+    r = method(route, expected_status_code=200, base_url=BASE_URL)
+    assert r.text == "OK"
+    r = method(route, expected_status_code=200, base_url=BASE_URL)
+    assert r.text == "OK"
+    r = method(route, expected_status_code=200, base_url=BASE_URL)
+    assert r.text == "OK"
+    r = method(route, expected_status_code=429, base_url=BASE_URL)
+    assert r.text == "Rate limit exceeded"