Route Security

Limiting Requests

Ask has a built-in limiter that can limit the number of times an IP address can make a request to a specific route during a period of time. E.g. twice a minute, 100 times an hour, etc.

You can limit a route by adding a decorator before the route definition. The decorator takes in as an argument a string with a sort of natural language syntax. You can either use the word "per" or a slash (/).

# This can only be called from the same IP, once every two minutes.
&limit('1 per 2 minute')
@get('/route1'):
    print('Hello, World!')

# Max 200 request per day from the same IP.
&limit('200/day')
@get('/route2'):
    print('Hello, World!')

Available rules

• Seconds.

• Minutes.

• Hours.

• Days.

• Years