Route Security

How to secure routes.

Limiting Requests

Ask has a built-in limiter that can limit the number of times an IP address can make a request to a specific route during a period of time. E.g. twice a minute, 100 times an hour, etc.

You can limit a route by adding a decorator before the route definition. The decorator takes in as an argument a string with a sort of natural language syntax. You can either use the word "per" or a slash (/).

# This can only be called from the same IP, once every two minutes.
&limit('1 per 2 minute')
@get('/route1'):
    print('Hello, World!')

# Max 200 request per day from the same IP.
&limit('200/day')
@get('/route2'):
    print('Hello, World!')

Available rules

  • Seconds.

  • Minutes.

  • Hours.

  • Days.

  • Years

Last updated