you could save identifiers like a key or jus the ip in a hashmap

use ip as the key and the value would be a object with requests and max requests

Okay so basically getting the ip, setting a number and if number > 10 for example then dont do anything

requests >= max

deny

yea

you are doing this in the middleware or in the route?

u can do this in your api route

have a class that can be instanced and has a getter

as ratelimit

const ratelimit = new Ratelimit()

Okay I guess then i am going to look how i do that. I guess it makes sense for login and register api route

ratelimit.getInstance.getHashMap

ye<h

@Tonkinese keep in mind, that you need a serverfull enviorement, when you want to use this solution. Vercel for example is serverless

👍

Can we do it in a serverless environment somehow?

Yes, save the data to a server. That can be a database or a cache or …

Oh makes sense

This is not entirely accurate. In memory caching in a serverless env will work, you just have to consider the fact that when your lambda container scales the new one will have an empty cache (or scales down)

Which means your rate limiting isn’t 100%

But for basic api rate limiting for a single user session this is actually not a problem

Because you won’t auto scale horizontally unless you have a lot of concurrent traffic or using edge apis

In other words, ephemeral data in serverless is viable solution if that is acceptable to your use case.