API rate limits

Added in version 0.7.0.

Changed in version 1.0.4: Remove API_RATE_LIMITS default value in order to disable only rate limits when Redis is set

If API_RATE_LIMITS environment variable is not empty and Redis available, API rate limits are managed by Flask-Limiter, based on IP with fixed window strategy.

Note

If no Redis instance is available for rate limits, FitTrackee can still start.

All endpoints are subject to rate limits, except endpoints serving assets.

Limits are configured by setting the environment variable API_RATE_LIMITS, for example 300 per 5 minutes (see Flask-Limiter documentation for notation).

Multiple rate limits must be separated by a comma, for instance:

export API_RATE_LIMITS="200 per day,50 per hour"

Flask-Limiter provides a Command Line Interface for maintenance and diagnostic purposes.

$ flask limiter
Usage: flask limiter [OPTIONS] COMMAND [ARGS]...

  Flask-Limiter maintenance & utility commands

Options:
  --help  Show this message and exit.

Commands:
  clear   Clear limits for a specific key
  config  View the extension configuration
  limits  Enumerate details about all routes with rate limits

Note

Rate limits can be managed by other applications, like nginx.