skp-ratelimit 0.1.2

Advanced, modular, extensible rate limiting library with GCRA, per-route quotas, and composite keys
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360

//! Quota configuration for rate limiting.
//!
//! A `Quota` defines the rate limiting parameters: how many requests are allowed
//! over what time period, and optionally how much burst capacity is available.
//!
//! # Examples
//!
//! ```ignore
//! use oc_ratelimit_advanced::Quota;
//! use std::time::Duration;
//!
//! // 100 requests per minute
//! let quota = Quota::per_minute(100);
//!
//! // 100 requests per minute with burst of 150
//! let quota = Quota::per_minute(100).with_burst(150);
//!
//! // GCRA-style: one request per 100ms
//! let quota = Quota::simple(Duration::from_millis(100));
//!
//! // Custom: 50 requests per 30 seconds
//! let quota = Quota::new(50, Duration::from_secs(30));
//! ```

use std::time::Duration;

use serde::{Deserialize, Serialize};

use crate::error::{ConfigError, Result};

/// Rate limiting quota configuration.
///
/// A quota defines the maximum number of requests allowed within a time window,
/// along with optional burst capacity for handling traffic spikes.
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct Quota {
    /// Maximum number of requests in the window.
    max_requests: u64,

    /// Time window duration.
    window: Duration,

    /// Maximum burst size (defaults to max_requests if not set).
    burst: Option<u64>,

    /// Refill rate for token-based algorithms (tokens per second).
    /// If not set, calculated from max_requests / window.
    refill_rate: Option<f64>,
}

impl Quota {
    /// Create a new quota with the given maximum requests and window.
    ///
    /// # Arguments
    ///
    /// * `max_requests` - Maximum requests allowed in the window
    /// * `window` - Duration of the rate limiting window
    ///
    /// # Panics
    ///
    /// Panics if `max_requests` is 0 or `window` is zero duration.
    pub fn new(max_requests: u64, window: Duration) -> Self {
        assert!(max_requests > 0, "max_requests must be greater than 0");
        assert!(!window.is_zero(), "window must be non-zero");

        Self {
            max_requests,
            window,
            burst: None,
            refill_rate: None,
        }
    }

    /// Create a quota allowing `n` requests per second.
    pub fn per_second(n: u64) -> Self {
        Self::new(n, Duration::from_secs(1))
    }

    /// Create a quota allowing `n` requests per minute.
    pub fn per_minute(n: u64) -> Self {
        Self::new(n, Duration::from_secs(60))
    }

    /// Create a quota allowing `n` requests per hour.
    pub fn per_hour(n: u64) -> Self {
        Self::new(n, Duration::from_secs(3600))
    }

    /// Create a quota allowing `n` requests per day.
    pub fn per_day(n: u64) -> Self {
        Self::new(n, Duration::from_secs(86400))
    }

    /// Create a GCRA-style simple quota with a fixed period between requests.
    ///
    /// This is equivalent to 1 request per `period`, suitable for GCRA algorithm.
    ///
    /// # Example
    ///
    /// ```ignore
    /// // Allow 1 request every 100ms (10 requests per second)
    /// let quota = Quota::simple(Duration::from_millis(100));
    /// ```
    pub fn simple(period: Duration) -> Self {
        Self::new(1, period)
    }

    /// Create a GCRA-style quota with burst allowance.
    ///
    /// # Arguments
    ///
    /// * `period` - Minimum time between requests
    /// * `burst` - Maximum burst capacity
    pub fn with_period_and_burst(period: Duration, burst: u64) -> Self {
        Self::new(1, period).with_burst(burst)
    }

    /// Try to create a new quota, returning an error if invalid.
    pub fn try_new(max_requests: u64, window: Duration) -> Result<Self> {
        if max_requests == 0 {
            return Err(ConfigError::InvalidQuota("max_requests must be greater than 0".into()).into());
        }
        if window.is_zero() {
            return Err(ConfigError::InvalidQuota("window must be non-zero".into()).into());
        }
        Ok(Self {
            max_requests,
            window,
            burst: None,
            refill_rate: None,
        })
    }

    /// Set the burst size (maximum requests that can be made instantly).
    ///
    /// The burst capacity determines how many requests can be made in quick
    /// succession before rate limiting kicks in. This can be smaller than
    /// `max_requests` to limit bursts while allowing a higher sustained rate.
    pub fn with_burst(mut self, burst: u64) -> Self {
        self.burst = Some(burst);
        self
    }

    /// Set a custom refill rate (tokens per second).
    ///
    /// If not set, the refill rate is calculated as `max_requests / window_seconds`.
    pub fn with_refill_rate(mut self, rate: f64) -> Self {
        self.refill_rate = Some(rate);
        self
    }

    /// Get the maximum requests allowed per window.
    pub fn max_requests(&self) -> u64 {
        self.max_requests
    }

    /// Get the window duration.
    pub fn window(&self) -> Duration {
        self.window
    }

    /// Get the effective burst size.
    ///
    /// Returns the configured burst, or `max_requests` if not set.
    pub fn effective_burst(&self) -> u64 {
        self.burst.unwrap_or(self.max_requests)
    }

    /// Get the effective refill rate (tokens per second).
    ///
    /// Returns the configured rate, or calculates from `max_requests / window_seconds`.
    pub fn effective_refill_rate(&self) -> f64 {
        self.refill_rate.unwrap_or_else(|| {
            self.max_requests as f64 / self.window.as_secs_f64()
        })
    }

    /// Get the period between requests for GCRA.
    ///
    /// For GCRA, this is the minimum time that must elapse between requests.
    pub fn period(&self) -> Duration {
        Duration::from_secs_f64(self.window.as_secs_f64() / self.max_requests as f64)
    }

    /// Get the maximum time shift for GCRA (burst tolerance).
    ///
    /// This is how far ahead the theoretical arrival time (TAT) can be
    /// while still allowing the request.
    pub fn max_tat_offset(&self) -> Duration {
        let burst = self.effective_burst();
        Duration::from_secs_f64(self.period().as_secs_f64() * (burst - 1) as f64)
    }

    /// Calculate how long until a quota would be fully replenished.
    pub fn full_replenish_time(&self) -> Duration {
        self.window
    }
}

impl Default for Quota {
    fn default() -> Self {
        Self::per_minute(60)
    }
}

/// Builder for creating quotas with validation.
#[derive(Debug, Default)]
pub struct QuotaBuilder {
    max_requests: Option<u64>,
    window: Option<Duration>,
    burst: Option<u64>,
    refill_rate: Option<f64>,
}

impl QuotaBuilder {
    /// Create a new quota builder.
    pub fn new() -> Self {
        Self::default()
    }

    /// Set the maximum requests per window.
    pub fn max_requests(mut self, n: u64) -> Self {
        self.max_requests = Some(n);
        self
    }

    /// Set the window duration.
    pub fn window(mut self, duration: Duration) -> Self {
        self.window = Some(duration);
        self
    }

    /// Set the burst size.
    pub fn burst(mut self, n: u64) -> Self {
        self.burst = Some(n);
        self
    }

    /// Set the refill rate.
    pub fn refill_rate(mut self, rate: f64) -> Self {
        self.refill_rate = Some(rate);
        self
    }

    /// Build the quota, returning an error if invalid.
    pub fn build(self) -> Result<Quota> {
        let max_requests = self.max_requests
            .ok_or_else(|| ConfigError::MissingRequired("max_requests".into()))?;
        let window = self.window
            .ok_or_else(|| ConfigError::MissingRequired("window".into()))?;

        let mut quota = Quota::try_new(max_requests, window)?;

        if let Some(burst) = self.burst {
            quota = quota.with_burst(burst);
        }
        if let Some(rate) = self.refill_rate {
            quota = quota.with_refill_rate(rate);
        }

        Ok(quota)
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_quota_per_second() {
        let quota = Quota::per_second(10);
        assert_eq!(quota.max_requests(), 10);
        assert_eq!(quota.window(), Duration::from_secs(1));
        assert_eq!(quota.effective_burst(), 10);
        assert!((quota.effective_refill_rate() - 10.0).abs() < 0.001);
    }

    #[test]
    fn test_quota_per_minute() {
        let quota = Quota::per_minute(60);
        assert_eq!(quota.max_requests(), 60);
        assert_eq!(quota.window(), Duration::from_secs(60));
        assert!((quota.effective_refill_rate() - 1.0).abs() < 0.001);
    }

    #[test]
    fn test_quota_with_burst() {
        let quota = Quota::per_minute(60).with_burst(100);
        assert_eq!(quota.max_requests(), 60);
        assert_eq!(quota.effective_burst(), 100);
    }

    #[test]
    fn test_quota_burst_smaller_than_max() {
        // Burst CAN be smaller than max_requests
        let quota = Quota::per_minute(60).with_burst(30);
        assert_eq!(quota.effective_burst(), 30);
    }

    #[test]
    fn test_quota_simple() {
        let quota = Quota::simple(Duration::from_millis(100));
        assert_eq!(quota.max_requests(), 1);
        assert_eq!(quota.window(), Duration::from_millis(100));
        assert_eq!(quota.period(), Duration::from_millis(100));
    }

    #[test]
    fn test_quota_gcra_period() {
        let quota = Quota::per_second(10);
        assert_eq!(quota.period(), Duration::from_millis(100));
    }

    #[test]
    fn test_quota_max_tat_offset() {
        let quota = Quota::per_second(1).with_burst(5);
        // With 5 burst, can be 4 periods ahead
        let offset = quota.max_tat_offset();
        assert_eq!(offset, Duration::from_secs(4));
    }

    #[test]
    fn test_quota_builder() {
        let quota = QuotaBuilder::new()
            .max_requests(100)
            .window(Duration::from_secs(60))
            .burst(150)
            .build()
            .unwrap();

        assert_eq!(quota.max_requests(), 100);
        assert_eq!(quota.window(), Duration::from_secs(60));
        assert_eq!(quota.effective_burst(), 150);
    }

    #[test]
    fn test_quota_builder_missing_fields() {
        let result = QuotaBuilder::new()
            .max_requests(100)
            .build();
        assert!(result.is_err());

        let result = QuotaBuilder::new()
            .window(Duration::from_secs(60))
            .build();
        assert!(result.is_err());
    }

    #[test]
    #[should_panic]
    fn test_quota_zero_requests_panics() {
        Quota::new(0, Duration::from_secs(60));
    }

    #[test]
    #[should_panic]
    fn test_quota_zero_window_panics() {
        Quota::new(100, Duration::ZERO);
    }
}