django-smart-ratelimit: Flexible, high-performance rate-limiting for Django

Hi everyone!

I’m excited to share django-smart-ratelimit v0.3.2—a lightweight, context-aware rate-limiting library for Django apps.

Key features:

• Per-view, per-user (or API key) and global limits
• Blazing speed via atomic Redis Lua scripts
• Fixed-window & sliding-window algorithms
• Pluggable backends: Redis, database, in-memory
• Decorator + middleware APIs
• Standard RateLimit headers (Limit/Remaining/Reset)

Getting started is easy:

pip install django-smart-ratelimit

from smart_ratelimit.decorators import ratelimit

@ratelimit(key='user', rate='100/h', block=True)
def my_view(request):
    return HttpResponse("Hello, rate-limited Django!")

PyPI: https://pypi.org/project/django-smart-ratelimit/
GitHub & full roadmap: https://github.com/YasserShkeir/django-smart-ratelimit

I’d love to hear:

• Your use cases or integration tips
• Any issues you encounter or features you’d like to see
• Performance feedback in real-world workloads

Thanks for checking it out—looking forward to your thoughts and contributions!
— Yasser Shkeir

Hello Django Community,

Released Django Smart Ratelimit v0.4.1 with two major features:

MongoDB Backend

• TTL collections for automatic cleanup
• High-performance rate limiting
• Perfect for microservices

JWT-Based Rate Limiting

• Rate limit by user roles/subscription tiers
• API key management
• Multi-tenant support

Example:

@rate_limit(
    key=jwt_role_key,
    rate='1000/h',
    algorithm='sliding_window',
    skip_if=lambda req: req.user.is_staff
)
def protected_api(request):
    return JsonResponse({'data': 'success'})

Installation: pip install django-smart-ratelimit[mongodb,jwt]

Backward compatible with existing v0.3.0 configurations.

Repository: GitHub - YasserShkeir/django-smart-ratelimit

Questions welcome!

Hello Django Community!

I’m thrilled to announce the release of Django Smart Ratelimit v0.7.2, featuring significant improvements for production Django applications.

Major New Features:

1. Token Bucket Algorithm The most requested feature is finally here! Unlike traditional fixed-window rate limiting, the token bucket algorithm provides intelligent burst handling:

@rate_limit(
    key='user',
    rate='100/h',  # Base rate
    algorithm='token_bucket',
    algorithm_config={
        'bucket_size': 200,  # Allow bursts up to 200 requests
        'refill_rate': 2.0,  # Refill 2 tokens per second
    }
)
def api_endpoint(request):
    return JsonResponse({'data': 'protected'})

2. Complete Type Safety

• Full mypy compliance with strict type checking
• Enhanced IDE support and developer experience
• Safer code with better error detection

3. Security Hardening

• Bandit security scanning integration
• All security vulnerabilities resolved
• Production-ready security standards

4. Enhanced Compatibility

• Python 3.13 support
• Django 5.1 compatibility
• Backward compatible with existing code

Why Choose Django Smart Ratelimit:

• Reliability: automatic failover
• Performance: Sub-millisecond response times with Redis Lua scripts
• Flexibility: 3 algorithms (token_bucket, sliding_window, fixed_window)
• Scalability: 4 backend options (Redis, Database, Memory, Multi-Backend)
• Integration: Native Django REST Framework support
• Monitoring: Built-in health checks and metrics

Resources:

• PyPI Package: https://pypi.org/project/django-smart-ratelimit/
• GitHub Repository: https://github.com/YasserShkeir/django-smart-ratelimit
• Documentation: https://github.com/YasserShkeir/django-smart-ratelimit/tree/main/docs
• Examples: https://github.com/YasserShkeir/django-smart-ratelimit/tree/main/examples

Thank you for being part of the Django community, and I look forward to hearing how this helps your projects!

Wow that is really impressive. I used to create a dynamic global dictionary to store individual IPs and tract their rate of hits on API or Pages.

This would save me a lot of time.

I’m pleased to announce the release of django‑smart‑ratelimit v0.8.0

What’s New in v0.8.0

• Circuit Breaker Pattern: automatic failure detection and recovery across Memory, Redis, Database, MongoDB & multi‑backend setups

• Exponential Backoff: adaptive retry delays on consecutive failures

• Built‑in by Default: zero‑config protection with sensible defaults

• Full Customization: override globally or per‑backend, or disable if needed

• No Breaking Changes: fully backward compatible

Highlights

• Over 50 new tests and 100% mypy compliance

• Thread‑safe operations with minimal overhead

• Detailed Circuit Breaker guide:
  https://github.com/YasserShkeir/django-smart-ratelimit/blob/main/docs/circuit_breaker.md

Install
pip install django‑smart‑ratelimit==0.8.0

Resources
• GitHub Repo → https://github.com/YasserShkeir/django-smart-ratelimit
• Discussions & Support → https://github.com/YasserShkeir/django-smart-ratelimit/discussions

I welcome your feedback, use‑cases, and any issues you encounter. Thanks for trying it out!

— Yasser Shkeir