slowapi/docs/examples.md

Examples

Here are some examples of setup to get you started. Please open an issue if you have a use case that is not included here.

The tests show a lot of different use cases that are not all covered here.

Apply a global (default) limit to all routes

    from starlette.applications import Starlette
    from slowapi import Limiter, _rate_limit_exceeded_handler
    from slowapi.util import get_remote_address
    from slowapi.middleware import SlowAPIMiddleware
    from slowapi.errors import RateLimitExceeded

    limiter = Limiter(key_func=get_remote_address, default_limits=["1/minute"])
    app = Starlette()
    app.state.limiter = limiter
    app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)
    app.add_middleware(SlowAPIMiddleware)

    # this will be limited by the default_limits
    async def homepage(request: Request):
        return PlainTextResponse("Only once per minute")

    app.add_route("/home", homepage)

Exempt a route from the global limit

    @app.route("/someroute")
    @limiter.exempt
    def t(request: Request):
        return PlainTextResponse("I'm unlimited")

Disable the limiter entirely

You might want to disable the limiter, for instance for testing, etc... Note that this disables it entirely, for all users. It is essentially as if the limiter was not there. Simply pass enabled=False to the constructor.

    limiter = Limiter(key_func=get_remote_address, enabled=False)

    @app.route("/someroute")
    @limiter.exempt
    def t(request: Request):
        return PlainTextResponse("I'm unlimited")

You can always switch this during the lifetime of the limiter:

    limiter.enabled = False

Use redis as backend for the limiter

limiter = Limiter(key_func=get_remote_address, storage_uri="redis://<host>:<port>/n")

where the /n in the redis url is the database number. To use the default one, just drop the /n from the url.

There are more examples in the limits docs which is the library slowapi uses to manage storage.