legacy-site/documentation/md-files/RATE_LIMITING_SETUP.md

# Rate Limiting Configuration for Flask Backend

# Add this to requirements.txt

# flask-limiter

# redis  # Optional: for distributed rate limiting

"""
Rate limiting implementation - add to app.py
"""

# At the top of app.py, add

from flask_limiter import Limiter
from flask_limiter.util import get_remote_address

# After creating app, add

limiter = Limiter(
    app=app,
    key_func=get_remote_address,
    default_limits=["200 per day", "50 per hour"],
    storage_uri="memory://"  # Use redis:// for production with multiple workers
)

# Apply rate limiting to specific endpoints

@app.route('/api/profiles', methods=['GET','POST'])
@limiter.limit("100 per hour")
def profiles():
    # ... existing code ...
    pass

@app.route('/api/songs', methods=['GET','POST'])
@limiter.limit("100 per hour")
def songs():
    # ... existing code ...
    pass

@app.route('/api/search_external')
@limiter.limit("30 per hour")  # More restrictive for external API calls
def search_external():
    # ... existing code ...
    pass

@app.route('/api/upload_lyric', methods=['POST'])
@limiter.limit("10 per hour")  # File uploads should be rate limited
def upload_lyric():
    # ... existing code ...
    pass
Initial commit - Church Music Database 2026-01-27 18:04:50 -06:00			`# Rate Limiting Configuration for Flask Backend`

			`# Add this to requirements.txt`

			`# flask-limiter`

			`# redis # Optional: for distributed rate limiting`

			`"""`
			`Rate limiting implementation - add to app.py`
			`"""`

			`# At the top of app.py, add`

			`from flask_limiter import Limiter`
			`from flask_limiter.util import get_remote_address`

			`# After creating app, add`

			`limiter = Limiter(`
			`app=app,`
			`key_func=get_remote_address,`
			`default_limits=["200 per day", "50 per hour"],`
			`storage_uri="memory://" # Use redis:// for production with multiple workers`
			`)`

			`# Apply rate limiting to specific endpoints`

			`@app.route('/api/profiles', methods=['GET','POST'])`
			`@limiter.limit("100 per hour")`
			`def profiles():`
			`# ... existing code ...`
			`pass`

			`@app.route('/api/songs', methods=['GET','POST'])`
			`@limiter.limit("100 per hour")`
			`def songs():`
			`# ... existing code ...`
			`pass`

			`@app.route('/api/search_external')`
			`@limiter.limit("30 per hour") # More restrictive for external API calls`
			`def search_external():`
			`# ... existing code ...`
			`pass`

			`@app.route('/api/upload_lyric', methods=['POST'])`
			`@limiter.limit("10 per hour") # File uploads should be rate limited`
			`def upload_lyric():`
			`# ... existing code ...`
			`pass`