Applying a rate limit to a web service endpoint using request filter
When creating a live API for developers to consume, it's a good idea to protect your API from abuse or misuse by limiting how many times developers can make requests within a specific timeframe. How much this is restricted will depend on a number of factors, including server resources, load generated by a request, and others. In this recipe, we will write a request filter attribute that can be applied to a web-service method to restrict the number of requests in a timeframe a single session can make. This recipe describes a technique that works well for a single server—if your web application has more than one web app server, you'll need to use a distributed cache of some kind, possibly a Redis instance instead of MemoryCache
, which has been used in this recipe.
Getting ready
If you are using a non-express version of Visual Studio, you can start this recipe using ServiceStackVS and create a new project based on any of the...