
Lower API rate limit threshold from 60 to 35 req/min

Forces script/integration owners toward sane polling intervals.
35/min is still well above any legitimate use case (a live session
panel at 10 s intervals needs only 6/min). Threshold remains
env-configurable (API_RATE_LIMIT_THRESHOLD) for future adjustment.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
rate-limiter-2026
Edward Ribeiro 3 weeks ago
parent
commit
0cbc4e308f

2
sapl/settings.py

@ -445,7 +445,7 @@ API_QUOTA_WEEKLY = config('API_QUOTA_WEEKLY', default=3500, cast=int)
# API-specific per-minute rate limit for external (non-same-origin) anonymous calls.
# Abuse writes rl:api:ip:<ip>:blocked only — never rl:ip:<ip>:blocked.
API_RATE_LIMIT_ENABLED = config('API_RATE_LIMIT_ENABLED', default=True, cast=bool)
API_RATE_LIMIT_THRESHOLD = config('API_RATE_LIMIT_THRESHOLD', default=60, cast=int)
API_RATE_LIMIT_THRESHOLD = config('API_RATE_LIMIT_THRESHOLD', default=35, cast=int)
API_RATE_LIMIT_WINDOW_SECONDS = config('API_RATE_LIMIT_WINDOW_SECONDS', default=60, cast=int)
API_RATE_LIMIT_BLOCK_SECONDS = config('API_RATE_LIMIT_BLOCK_SECONDS', default=300, cast=int)
API_RATE_LIMIT_SAME_ORIGIN_BYPASS = config('API_RATE_LIMIT_SAME_ORIGIN_BYPASS', default=True, cast=bool)
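Review bot: The new default of 35 on the API_RATE_LIMIT_THRESHOLD line carries no comment giving its unit or rationale, and the comment above it shows the block key is per IP (rl:api:ip:<ip>:blocked), so every anonymous external client behind one address shares that budget. The 6/min figure in the commit message is per client; six such pollers behind a single NAT or proxy would exceed 35 within the 60-second window and fall under the API_RATE_LIMIT_BLOCK_SECONDS default of 300. Suggest adding a comment line stating that the threshold is requests per API_RATE_LIMIT_WINDOW_SECONDS per IP, with the reasoning from the commit message, and recording in the deploy notes that integrations currently running between 35 and 60 req/min will start being blocked unless API_RATE_LIMIT_THRESHOLD is set in the environment.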
