Skip to main content

arolariu.Backend.Core.Domain.General.Configuration

arolariu.Backend.Core

arolariu.Backend.Core.Domain.General.Configuration Namespace

Classes

RateLimitConfiguration Class

Provides rate limiting service registration and configuration for the API. This class configures the actual rate limiting policies referenced by arolariu.Backend.Common.Configuration.RateLimitPolicies.

internal static class RateLimitConfiguration

Inheritance System.Object 🡒 RateLimitConfiguration

Remarks

Rate limiting is implemented using ASP.NET Core's built-in Microsoft.AspNetCore.RateLimiting middleware. Policies are partitioned by user identity (authenticated) or IP address (anonymous), ensuring fair resource allocation.

When rate limits are exceeded, the API returns HTTP 429 (Too Many Requests) with a Retry-After header indicating when the client may retry the request.

Methods

RateLimitConfiguration.AddRateLimitingPolicies(this IServiceCollection) Method

Registers rate limiting services and policies with the dependency injection container.

public static Microsoft.Extensions.DependencyInjection.IServiceCollection AddRateLimitingPolicies(this Microsoft.Extensions.DependencyInjection.IServiceCollection services);

Parameters

services Microsoft.Extensions.DependencyInjection.IServiceCollection

The Microsoft.Extensions.DependencyInjection.IServiceCollection to add services to.

Returns

Microsoft.Extensions.DependencyInjection.IServiceCollection
The same Microsoft.Extensions.DependencyInjection.IServiceCollection instance for method chaining.

Remarks

This method configures:

  • Global rate limiter: 1000 requests per minute per IP (applies to all requests)
  • Named policies for different operation categories
  • Custom rejection handler with Retry-After header and JSON error response

RateLimitConfiguration.GetUserIdentifier(HttpContext) Method

Extracts the user identifier from the HTTP context for rate limit partitioning.

private static string GetUserIdentifier(Microsoft.AspNetCore.Http.HttpContext context);

Parameters

context Microsoft.AspNetCore.Http.HttpContext

The current HTTP context.

Returns

System.String
The authenticated user's identifier (from claims) or the client's IP address for anonymous users.

RateLimitConfiguration.OnRateLimitRejectedAsync(OnRejectedContext, CancellationToken) Method

Handles rate limit rejection by returning a JSON error response with retry information.

private static System.Threading.Tasks.ValueTask OnRateLimitRejectedAsync(Microsoft.AspNetCore.RateLimiting.OnRejectedContext context, System.Threading.CancellationToken cancellationToken);

Parameters

context Microsoft.AspNetCore.RateLimiting.OnRejectedContext

The rate limit rejection context.

cancellationToken System.Threading.CancellationToken

Cancellation token for the operation.

Returns

System.Threading.Tasks.ValueTask
A task representing the asynchronous operation.

// was this page useful?