REPOSE is an open-source RESTful HTTP proxy service that scales to the cloud. REPOSE provides the solution to common API processing tasks such as rate limiting, client authentication, versioning, and logging so that web service developers can focus on the unique features of their services.
Repose can be run as a standalone application (either as a Linux service or using the JAR directly), or it can be deployed as a WAR file in a servlet container alongside your origin service. Repose can be run on the same server or on a different server, and it can be run across multiple servers for horizontal scaling. At its core, Repose is a proxy that allows services to use Enterprise Integration Patterns (EIP).
Tags | service utility library helper api rate-limiting ratelimit authentication cors |
Implementation | Java |
License | Apache |
Platform | OS-Independent |
The rate limit service is a Go/gRPC service designed to enable generic rate limit scenarios from different types of applications. Applications request a rate limit decision based on a domain and a set of descriptors. The service reads the configuration from disk via runtime, composes a cache key, and talks to the Redis cache. A decision is then returned to the caller. Envoy's data-plane-api defines a ratelimit service proto rls.proto. Logically the data-plane-api rls is equivalent to the ratelimit.proto defined in this repo. However, due to the namespace differences and how gRPC routing works it is not possible to transparently route the legacy ratelimit (ones based in the ratelimit.proto defined in this repo) requests to the data-plane-api definitions. Therefore, the ratelimit service will upgrade the requests, process them internally as it would process a data-plane-api ratelimit request, and then downgrade the response to send back to the client. This means that, for a slight performance hit for clients using the legacy proto, ratelimit is backwards compatible with the legacy proto.
envoyKong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015. Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations.
api-gateway nginx luajit microservices api-management serverless apis iot consul docker reverse-proxy service-mesh cloud-native microservice devops-tools devopsGloo is a feature-rich, Kubernetes-native ingress controller, and next-generation API gateway. Gloo is exceptional in its function-level routing; its support for legacy apps, microservices and serverless; its discovery capabilities; its numerous features; and its tight integration with leading open-source projects. Gloo is uniquely designed to support hybrid applications, in which multiple technologies, architectures, protocols, and clouds can coexist.
gloo envoy api-gateway serverless api-managementGubernator is a distributed, high performance, cloud native and stateless rate limiting service. Gubernator is stateless in that it doesn’t require disk space to operate. No configuration or cache data is ever synced to disk. This is because every request to gubernator includes the config for the rate limit. At first you might think this an unnecessary overhead to each request. However, In reality a rate limit config is made up of only 4, 64bit integers.
rate-limiting rate-limiter golang-library microservice grpc cloudnativeLight 4j is a fast, lightweight and cloud native microservices framework. Light means lightweight, lighting fast and shed light on how to program with modern Java SE. It is 44 times faster than the most popular microservices platform Spring Boot embedded Tomcat and use only 1/5 of memory.
microservice microservice-framework openapi swagger consul zookeeper fast lightweight cloud docker cloud-native web-framework web-application-framework rest-framework java11 java-frameworkBasic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Note: this module does not share state with other processes/servers by default. If you need a more robust solution, I recommend using an addon store or trying out one of the excelent competing options.
express-rate-limit express rate limit ratelimit rate-limit middleware ip auth authorization security brute force bruteforce brute-force attackDoorman is a solution for Global Distributed Client Side Rate Limiting. Clients that talk to a shared resource (such as a database, a gRPC service, a RESTful API, or whatever) can use Doorman to voluntarily limit their use (usually in requests per second) of the resource. Doorman is written in Go and uses gRPC as its communication protocol. For some high-availability features it needs a distributed lock manager. We currently support etcd, but it should be relatively simple to make it use Zookeeper instead.The Doorman master server remembers all clients that currently have capacity and whenever a client asks for capacity it inserts the clients request into its memory and runs the algorithm to figure out what this client should get.
The Dingo API package is meant to provide you, the developer, with a set of tools to help you easily and quickly build your own API. While the goal of this package is to remain as flexible as possible it still won't cover all situations and solve all problems. The package includes Content Negotiation, Rate limiting, Multiple Authentication Adapters, Error and Exception Handling, Response Transformers and Formatters, API Versioning and lot more.
rest-api rest-framework rate-limitingApache APISIX is a dynamic, real-time, high-performance API gateway. APISIX provides rich traffic management features such as load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more. You can use Apache APISIX to handle traditional north-south traffic, as well as east-west traffic between services. It can also be used as a k8s ingress controller.
api-gateway api docker nginx kubernetes iot devops microservices lua serverless api-management luajit apigateway reverse-proxy cloud-native loadbalancing load-balancerAspNetCoreRateLimit is an ASP.NET Core rate limiting solution designed to control the rate of requests that clients can make to a Web API or MVC app based on IP address or client ID. The AspNetCoreRateLimit package contains an IpRateLimitMiddleware and a ClientRateLimitMiddleware, with each middleware you can set multiple limits for different scenarios like allowing an IP or Client to make a maximum number of calls in a time interval like per second, 15 minutes, etc. You can define these limits to address all requests made to an API or you can scope the limits to each API URL or HTTP verb and path.
rate-limiting asp-net-core middleware throttlingThis repository builds a backend Go service that provides secured endpoints related to accounts and passwords. You must integrate it with your application's frontend(s) and backend(s). If you are missing a client library, please submit a request.
authentication-backend service api-service authn jwt-authenticationProvides a generic rate limiter for node.js. Useful for API clients, web crawling, or other tasks that need to be throttled. Two classes are exposed, RateLimiter and TokenBucket. TokenBucket provides a lower level interface to rate limiting with a configurable burst rate and drip rate. RateLimiter sits on top of the token bucket and adds a restriction on the maximum number of tokens that can be removed each interval to comply with common API restrictions like "150 requests per hour maximum". A synchronous method, tryRemoveTokens(), is available in both RateLimiter and TokenBucket. This will return immediately with a boolean value indicating if the token removal was successful.
rate limiting throttlingAuthentication and back-off logic is a pain, let's do it once and forget about it! This is a library that allows you to centralise this logic and forget about the ugly parts of making HTTP requests.Yet another networking library? Well apart from some unique benefits such as built-in rate limiting and powerful request authentication, a significant benefit for you is that any tagged version has been tested in production. We only tag a new release once it’s been used for two weeks by the Spotify app (which has millions of active users a day). As such you can be sure tagged versions are as stable as possible.
The role of a Gateway in an API architecture is to protect, enrich and control access to API services. These sets of capabilities are often related to security and rate limiting, but it also includes the ability to do deeper message inspection. For example, you may want to insure that the message received is properly formed JSON, XML, or data following your own specific format. In addition, the Gateway can modify the payload or transform it to meet old or new interfaces for the API backend. Finally, the Gateway can invoke multiple services and aggregate responses from multiple API backends.The Microgateway is the foundation for all of those things. It is optimized to perform security, rate limiting, and much more complex packet processing through a highly flexible flow-engine.
api-management gateway apiconnect nodejs nginx ibm api connect microgateway microservices secure enforceThe BeAPI Framework is a full featured api automation framework providing a FULL API automation with an AVERAGE response time per call of 0.27 milliseconds per request (Google requires their calls to be UNDER 200 ms). Its feature include Automated Batching, CORS, JWT Authentication, Throttling & Rate/Data Limits, Localized API Cache, Reporting.
rest-framework java-framework web-frameworkA Redis module that provides rate limiting in Redis as a single command. Implements the fairly sophisticated generic cell rate algorithm (GCRA) which provides a rolling time window and doesn't depend on a background drip process. The primitives exposed by Redis are perfect for doing work around rate limiting, but because it's not built in, it's very common for companies and organizations to implement their own rate limiting logic on top of Redis using a mixture of basic commands and Lua scripts (I've seen this at both Heroku and Stripe for example). This can often result in naive implementations that take a few tries to get right. The directive of redis-cell is to provide a language-agnostic rate limiter that's easily pluggable into many cloud architectures.
Rack Middleware to impose a rate limit on a web service (aka API Throttling)
Gloo Mesh is a Kubernetes-native management plane that enables configuration and operational management of multiple heterogeneous service meshes across multiple clusters through a unified API. The Gloo Mesh API integrates with the leading service meshes and abstracts away differences between their disparate APIs, allowing users to configure a set of different service meshes through a single API. Gloo Mesh is engineered with a focus on its utility as an operational management tool, providing both graphical and command line UIs, observability features, and debugging tools. A core feature of Gloo Mesh is its ability to configure and manage multiple service mesh deployments across multiple clusters. The Gloo Mesh API provides an abstraction that allows users to configure groups of meshes as a single entity without having to deal with the underlying network configuration complexities.
service-mesh gloo gloo-meshShipwire makes it easier for consumers of Shipwire's international shipment fulfilment service to integrate their XML API quickly and easily. Current features are: Inventory Service Rate Service (Shipping Costs) Future features are: Order Entry Service Order Tracking...
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.