Skip to main content

Module rate_limit

actix_security::http::security

Module rate_limit

Expand description

Rate Limiting middleware for brute-force protection.

Provides configurable rate limiting to protect against brute-force attacks, DDoS attempts, and API abuse.

§Spring Security Equivalent

Similar to Spring Security’s RateLimiter and integration with Bucket4j.

§Example

use actix_security::http::security::rate_limit::{RateLimiter, RateLimitConfig};
use actix_web::{App, HttpServer};

let rate_limiter = RateLimiter::new(
    RateLimitConfig::new()
        .requests_per_second(10)
        .burst_size(20)
);

HttpServer::new(move || {
    App::new()
        .wrap(rate_limiter.clone())
        .route("/api/login", web::post().to(login))
})

Structs§

RateLimitBuilder: Builder for endpoint-specific rate limits.
RateLimitConfig: Rate limit configuration.
RateLimitExceeded: Rate limit exceeded error response.
RateLimitInfo: Rate limit information for headers.
RateLimiter: Rate limiter middleware.
RateLimiterMiddleware: Rate limiter middleware service.
RateLimiterState: Rate limiter state.

Enums§

KeyExtractor: Strategy for identifying clients for rate limiting.
RateLimitAlgorithm: Rate limiting algorithm.

Type Aliases§

KeyExtractorFn: Type alias for custom key extractor function.