Rate Limiting

Rate limiting using Upstash Redis to prevent abuse and ensure fair usage of resources.

This template uses Upstash Redis for rate limiting. For more information, see the Upstash Redis docs.

Setup

Prerequisites

Upstash Redis

Active Upstash Redis account

Connection Details

Redis REST URL and token

Environment Setup

Configured .env.local file

Environment Variables

Implementation

Redis Client Setup

Configure the Upstash Redis client in lib/upstash.ts:

Rate Limiter Configuration

Set up rate limiting with a sliding window algorithm:

Usage Examples

Server Action Rate Limiting

Implementing rate limiting in server actions:

API Route Rate Limiting

Protecting API routes with rate limiting:

Common Use Cases

Image Uploads

Limit the number of image uploads per user per minute

Authentication

Prevent brute force attacks on authentication endpoints

API Endpoints

Control access rates to public and private API endpoints

Form Submissions

Prevent spam by limiting form submission frequency

Best Practices

Implementation

  1. Use unique identifiers per action
  2. Include user ID in rate limit keys
  3. Set appropriate time windows
  4. Handle rate limit errors gracefully

Security

  1. Implement rate limiting early in the request pipeline
  2. Use different limits for different actions
  3. Monitor rate limit usage
  4. Provide clear feedback to users
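
The sliding window configuration and the best-practice items above (unique keys per action, user ID in the key, different limits per action, graceful errors), as an added example that is not the template's code: an in-memory stand-in for Redis that uses the weighted two-window approximation of a sliding window. The `LIMITS` table, the key format, and the class and function names are assumptions made for illustration.

```typescript
// Added example: in-memory stand-in for the Redis-backed limiter, not the template's code.
type Limit = { max: number; windowMs: number };
type Result = { success: boolean; remaining: number; reset: number };

// Hypothetical per-action limits: stricter for login than for uploads.
const LIMITS: Record<string, Limit> = {
  login: { max: 5, windowMs: 60_000 },
  "image-upload": { max: 10, windowMs: 60_000 },
};

class SlidingWindowLimiter {
  private counts = new Map<string, number>(); // key -> hits in one fixed window

  limit(action: string, userId: string, now: number = Date.now()): Result {
    const cfg = LIMITS[action];
    if (!cfg) throw new Error(`no limit configured for "${action}"`); // fail closed
    const win = Math.floor(now / cfg.windowMs);
    const base = `ratelimit:${action}:${userId}`; // unique per action and per user
    const cur = this.counts.get(`${base}:${win}`) ?? 0;
    const prev = this.counts.get(`${base}:${win - 1}`) ?? 0;
    // Weight the previous window by the share of it the sliding window still covers.
    const overlap = 1 - (now % cfg.windowMs) / cfg.windowMs;
    const used = cur + prev * overlap;
    const reset = (win + 1) * cfg.windowMs; // end of the current fixed window
    if (used + 1 > cfg.max) return { success: false, remaining: 0, reset };
    this.counts.set(`${base}:${win}`, cur + 1);
    this.counts.delete(`${base}:${win - 2}`); // drop the window that no longer counts
    return { success: true, remaining: Math.floor(cfg.max - used - 1), reset };
  }
}

// Map a rejected request to HTTP 429 with a Retry-After hint in seconds.
function toHttp(r: Result, now: number): { status: number; retryAfter?: number } {
  if (r.success) return { status: 200 };
  return { status: 429, retryAfter: Math.ceil((r.reset - now) / 1000) };
}

// Constructed timeline: five logins at t0, then the sixth is rejected.
const demo = new SlidingWindowLimiter();
const t0 = 600_000;
for (let i = 0; i < 5; i++) demo.limit("login", "alice", t0);
console.log(toHttp(demo.limit("login", "alice", t0), t0));
```

Halfway through the next minute, half of the previous window's five hits still count, so only two more logins pass where a fixed window would have allowed five.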