@upstash/ratelimit 0.1.1 → 0.1.2

package/README.md

@@ -5,7 +5,6 @@ An HTTP/REST based Redis client built on top of Upstash REST API.
 
 [![Tests](https://github.com/upstash/ratelimit/actions/workflows/tests.yaml/badge.svg)](https://github.com/upstash/ratelimit/actions/workflows/tests.yaml)
 ![npm (scoped)](https://img.shields.io/npm/v/@upstash/ratelimit)
-![npm bundle size](https://img.shields.io/bundlephobia/minzip/@upstash/ratelimit)
 
 It is the only connectionless (HTTP based) ratelimiter and designed for:
 
@@ -17,6 +16,38 @@ It is the only connectionless (HTTP based) ratelimiter and designed for:
 - WebAssembly
 - and other environments where HTTP is preferred over TCP.
 
+<!-- toc -->
+
+- [Quick Start](#quick-start)
+  - [Install](#install)
+    - [npm](#npm)
+    - [Deno](#deno)
+  - [Create database](#create-database)
+  - [Use it](#use-it)
+  - [Block until ready](#block-until-ready)
+- [Globally replicated ratelimiting](#globally-replicated-ratelimiting)
+  - [Usage](#usage)
+  - [Example](#example)
+- [Ratelimiting algorithms](#ratelimiting-algorithms)
+  - [Fixed Window](#fixed-window)
+    - [Pros:](#pros)
+    - [Cons:](#cons)
+    - [Usage:](#usage)
+  - [Sliding Window](#sliding-window)
+    - [Pros:](#pros-1)
+    - [Cons:](#cons-1)
+    - [Usage:](#usage-1)
+  - [Token Bucket](#token-bucket)
+    - [Pros:](#pros-2)
+    - [Cons:](#cons-2)
+    - [Usage:](#usage-2)
+- [Contributing](#contributing)
+  - [Install Deno](#install-deno)
+  - [Database](#database)
+  - [Running tests](#running-tests)
+
+<!-- tocstop -->
+
 ## Quick Start
 
 ### Install
@@ -30,7 +61,7 @@ npm install @upstash/ratelimit
 #### Deno
 
 ```ts
-import { Redis } from "https://deno.land/x/upstash_ratelimit/mod.ts";
+import { Ratelimit } from "https://deno.land/x/upstash_ratelimit/mod.ts";
 ```
 
 ### Create database
@@ -124,6 +155,51 @@ doExpensiveCalculation();
 return "Here you go!";
 ```
 
+## Globally replicated ratelimiting
+
+Using a single redis instance has the downside of providing low latencies to the
+part of your userbase closest to the deployed db. That's why we also built
+`GlobalRatelimit` which replicates the state across multiple redis databases as
+well as offering lower latencies to more of your users.
+
+`GlobalRatelimit` does this by checking the current limit in the closest db and
+returning immediately. Only afterwards will the state be asynchronously
+replicated to the other datbases leveraging
+[CRDTs](https://en.wikipedia.org/wiki/Conflict-free_replicated_data_type). Due
+to the nature of distributed systems, there is no way to guarantee the set
+ratelimit is not exceeded by a small margin. This is the tradeoff for reduced
+global latency.
+
+### Usage
+
+The api is the same, except for asking for multiple redis instances:
+
+```ts
+import { GlobalRatelimit } from "@upstash/ratelimit"; // for deno: see above
+import { Redis } from "@upstash/redis";
+
+// Create a new ratelimiter, that allows 10 requests per 10 seconds
+const ratelimit = new GlobalRatelimit({
+  redis: [
+    new Redis({/* auth */}),
+    new Redis({/* auth */}),
+    new Redis({/* auth */}),
+  ],
+  limiter: Ratelimit.slidingWindow(10, "10 s"),
+});
+
+// Use a constant string to limit all requests with a single ratelimit
+// Or use a userID, apiKey or ip address for individual limits.
+const identifier = "api";
+const { success } = await ratelimit.limit(identifier);
+```
+
+### Example
+
+Let's assume you have customers in the US and Europe. In this case you can
+create 2 regional redis databases on [Upastash](https://console.upstash.com) and
+your users will enjoy the latency of whichever db is closest to them.
+
 ## Ratelimiting algorithms
 
 We provide different algorithms to use out of the box. Each has pros and cons.
@@ -199,6 +275,8 @@ const ratelimit = new Ratelimit({
 
 ### Token Bucket
 
+_Not yet supported for `GlobalRatelimit`_
+
 Consider a bucket filled with `{maxTokens}` tokens that refills constantly at
 `{refillRate}` per `{interval}`. Every request will remove one token from the
 bucket and if there is no token to take, the request is rejected.

package/esm/global.js

@@ -0,0 +1,228 @@
+import { ms } from "./duration.js";
+import { Ratelimit } from "./ratelimit.js";
+/**
+ * Ratelimiter using serverless redis from https://upstash.com/
+ *
+ * @example
+ * ```ts
+ * const { limit } = new GlobalRatelimit({
+ *    redis: Redis.fromEnv(),
+ *    limiter: GlobalRatelimit.fixedWindow(
+ *      10,     // Allow 10 requests per window of 30 minutes
+ *      "30 m", // interval of 30 minutes
+ *    )
+ * })
+ *
+ * ```
+ */
+export class GlobalRatelimit extends Ratelimit {
+    /**
+     * Create a new Ratelimit instance by providing a `@upstash/redis` instance and the algorithn of your choice.
+     */
+    constructor(config) {
+        super({
+            prefix: config.prefix,
+            limiter: config.limiter,
+            ctx: { redis: config.redis },
+        });
+    }
+    /**
+     * Each requests inside a fixed time increases a counter.
+     * Once the counter reaches a maxmimum allowed number, all further requests are
+     * rejected.
+     *
+     * **Pro:**
+     *
+     * - Newer requests are not starved by old ones.
+     * - Low storage cost.
+     *
+     * **Con:**
+     *
+     * A burst of requests near the boundary of a window can result in a very
+     * high request rate because two windows will be filled with requests quickly.
+     *
+     * @param tokens - How many requests a user can make in each time window.
+     * @param window - A fixed timeframe
+     */
+    static fixedWindow(
+    /**
+     * How many requests are allowed per window.
+     */
+    tokens, 
+    /**
+     * The duration in which `tokens` requests are allowed.
+     */
+    window) {
+        const windowDuration = ms(window);
+        const script = `
+    local key     = KEYS[1]
+    local id      = ARGV[1]
+    local window  = ARGV[2]
+    
+    redis.call("SADD", key, id)
+    local members = redis.call("SMEMBERS", key)
+    if #members == 1 then
+    -- The first time this key is set, the value will be 1.
+    -- So we only need the expire command once
+      redis.call("PEXPIRE", key, window)
+    end
+    
+    return members
+`;
+        return async function (ctx, identifier) {
+            const requestID = crypto.randomUUID();
+            const bucket = Math.floor(Date.now() / windowDuration);
+            const key = [identifier, bucket].join(":");
+            const dbs = ctx.redis.map((redis) => ({
+                redis,
+                request: redis.eval(script, [key], [requestID, windowDuration]),
+            }));
+            const firstResponse = await Promise.any(dbs.map((s) => s.request));
+            const usedTokens = firstResponse.length;
+            const remaining = tokens - usedTokens - 1;
+            /**
+             * If the length between two databases does not match, we sync the two databases
+             */
+            async function sync() {
+                const individualIDs = await Promise.all(dbs.map((s) => s.request));
+                const allIDs = Array.from(new Set(individualIDs.flatMap((_) => _)).values());
+                for (const db of dbs) {
+                    const ids = await db.request;
+                    /**
+                     * If the bucket in this db is already full, it doesn't matter which ids it contains.
+                     * So we do not have to sync.
+                     */
+                    if (ids.length >= tokens) {
+                        continue;
+                    }
+                    const diff = allIDs.filter((id) => !ids.includes(id));
+                    /**
+                     * Don't waste a request if there is nothing to send
+                     */
+                    if (diff.length === 0) {
+                        continue;
+                    }
+                    await db.redis.sadd(key, ...allIDs);
+                }
+            }
+            /**
+             * Do not await sync. This should not run in the critical path.
+             */
+            sync();
+            return {
+                success: remaining > 0,
+                limit: tokens,
+                remaining,
+                reset: (bucket + 1) * windowDuration,
+            };
+        };
+    }
+    /**
+     * Combined approach of `slidingLogs` and `fixedWindow` with lower storage
+     * costs than `slidingLogs` and improved boundary behavior by calcualting a
+     * weighted score between two windows.
+     *
+     * **Pro:**
+     *
+     * Good performance allows this to scale to very high loads.
+     *
+     * **Con:**
+     *
+     * Nothing major.
+     *
+     * @param tokens - How many requests a user can make in each time window.
+     * @param window - The duration in which the user can max X requests.
+     */
+    static slidingWindow(
+    /**
+     * How many requests are allowed per window.
+     */
+    tokens, 
+    /**
+     * The duration in which `tokens` requests are allowed.
+     */
+    window) {
+        const windowSize = ms(window);
+        const script = `
+      local currentKey  = KEYS[1]           -- identifier including prefixes
+      local previousKey = KEYS[2]           -- key of the previous bucket
+      local tokens      = tonumber(ARGV[1]) -- tokens per window
+      local now         = ARGV[2]           -- current timestamp in milliseconds
+      local window      = ARGV[3]           -- interval in milliseconds
+      local requestID   = ARGV[4]           -- uuid for this request
+
+
+      local currentMembers = redis.call("SMEMBERS", currentKey)
+      local requestsInCurrentWindow = #currentMembers
+      local previousMembers = redis.call("SMEMBERS", previousKey)
+      local requestsInPreviousWindow = #previousMembers
+
+      local percentageInCurrent = ( now % window) / window
+      if requestsInPreviousWindow * ( 1 - percentageInCurrent ) + requestsInCurrentWindow >= tokens then
+        return {currentMembers, previousMembers}
+      end
+
+      redis.call("SADD", currentKey, requestID)
+      table.insert(currentMembers, requestID)
+      if requestsInCurrentWindow == 0 then 
+        -- The first time this key is set, the value will be 1.
+        -- So we only need the expire command once
+        redis.call("PEXPIRE", currentKey, window * 2 + 1000) -- Enough time to overlap with a new window + 1 second
+      end
+      return {currentMembers, previousMembers}
+      `;
+        const windowDuration = ms(window);
+        return async function (ctx, identifier) {
+            const requestID = crypto.randomUUID();
+            const now = Date.now();
+            const currentWindow = Math.floor(now / windowSize);
+            const currentKey = [identifier, currentWindow].join(":");
+            const previousWindow = currentWindow - windowSize;
+            const previousKey = [identifier, previousWindow].join(":");
+            const dbs = ctx.redis.map((redis) => ({
+                redis,
+                request: redis.eval(script, [currentKey, previousKey], [tokens, now, windowDuration, requestID]),
+            }));
+            const percentageInCurrent = (now % windowDuration) / windowDuration;
+            const [current, previous] = await Promise.any(dbs.map((s) => s.request));
+            const usedTokens = previous.length * (1 - percentageInCurrent) +
+                current.length;
+            const remaining = tokens - usedTokens;
+            /**
+             * If a database differs from the consensus, we sync it
+             */
+            async function sync() {
+                const [individualIDs] = await Promise.all(dbs.map((s) => s.request));
+                const allIDs = Array.from(new Set(individualIDs.flatMap((_) => _)).values());
+                for (const db of dbs) {
+                    const [ids] = await db.request;
+                    /**
+                     * If the bucket in this db is already full, it doesn't matter which ids it contains.
+                     * So we do not have to sync.
+                     */
+                    if (ids.length >= tokens) {
+                        continue;
+                    }
+                    const diff = allIDs.filter((id) => !ids.includes(id));
+                    /**
+                     * Don't waste a request if there is nothing to send
+                     */
+                    if (diff.length === 0) {
+                        continue;
+                    }
+                    await db.redis.sadd(currentKey, ...allIDs);
+                }
+            }
+            /**
+             * Do not await sync. This should not run in the critical path.
+             */
+            sync();
+            return {
+                success: remaining > 0,
+                limit: tokens,
+                remaining,
+                reset: (currentWindow + 1) * windowDuration,
+            };
+        };
+    }
+}

package/esm/mod.js

@@ -1 +1,2 @@
 export { RegionRatelimit as Ratelimit } from "./region.js";
+export { GlobalRatelimit } from "./global.js";

package/package.json

@@ -3,7 +3,7 @@
   "main": "./script/mod.js",
   "types": "./types/mod.d.ts",
   "name": "@upstash/ratelimit",
-  "version": "v0.1.1",
+  "version": "v0.1.2",
   "description": "A serverless ratelimiter built on top of Upstash REST API.",
   "repository": {
     "type": "git",

package/script/global.js

@@ -0,0 +1,232 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GlobalRatelimit = void 0;
+const duration_js_1 = require("./duration.js");
+const ratelimit_js_1 = require("./ratelimit.js");
+/**
+ * Ratelimiter using serverless redis from https://upstash.com/
+ *
+ * @example
+ * ```ts
+ * const { limit } = new GlobalRatelimit({
+ *    redis: Redis.fromEnv(),
+ *    limiter: GlobalRatelimit.fixedWindow(
+ *      10,     // Allow 10 requests per window of 30 minutes
+ *      "30 m", // interval of 30 minutes
+ *    )
+ * })
+ *
+ * ```
+ */
+class GlobalRatelimit extends ratelimit_js_1.Ratelimit {
+    /**
+     * Create a new Ratelimit instance by providing a `@upstash/redis` instance and the algorithn of your choice.
+     */
+    constructor(config) {
+        super({
+            prefix: config.prefix,
+            limiter: config.limiter,
+            ctx: { redis: config.redis },
+        });
+    }
+    /**
+     * Each requests inside a fixed time increases a counter.
+     * Once the counter reaches a maxmimum allowed number, all further requests are
+     * rejected.
+     *
+     * **Pro:**
+     *
+     * - Newer requests are not starved by old ones.
+     * - Low storage cost.
+     *
+     * **Con:**
+     *
+     * A burst of requests near the boundary of a window can result in a very
+     * high request rate because two windows will be filled with requests quickly.
+     *
+     * @param tokens - How many requests a user can make in each time window.
+     * @param window - A fixed timeframe
+     */
+    static fixedWindow(
+    /**
+     * How many requests are allowed per window.
+     */
+    tokens, 
+    /**
+     * The duration in which `tokens` requests are allowed.
+     */
+    window) {
+        const windowDuration = (0, duration_js_1.ms)(window);
+        const script = `
+    local key     = KEYS[1]
+    local id      = ARGV[1]
+    local window  = ARGV[2]
+    
+    redis.call("SADD", key, id)
+    local members = redis.call("SMEMBERS", key)
+    if #members == 1 then
+    -- The first time this key is set, the value will be 1.
+    -- So we only need the expire command once
+      redis.call("PEXPIRE", key, window)
+    end
+    
+    return members
+`;
+        return async function (ctx, identifier) {
+            const requestID = crypto.randomUUID();
+            const bucket = Math.floor(Date.now() / windowDuration);
+            const key = [identifier, bucket].join(":");
+            const dbs = ctx.redis.map((redis) => ({
+                redis,
+                request: redis.eval(script, [key], [requestID, windowDuration]),
+            }));
+            const firstResponse = await Promise.any(dbs.map((s) => s.request));
+            const usedTokens = firstResponse.length;
+            const remaining = tokens - usedTokens - 1;
+            /**
+             * If the length between two databases does not match, we sync the two databases
+             */
+            async function sync() {
+                const individualIDs = await Promise.all(dbs.map((s) => s.request));
+                const allIDs = Array.from(new Set(individualIDs.flatMap((_) => _)).values());
+                for (const db of dbs) {
+                    const ids = await db.request;
+                    /**
+                     * If the bucket in this db is already full, it doesn't matter which ids it contains.
+                     * So we do not have to sync.
+                     */
+                    if (ids.length >= tokens) {
+                        continue;
+                    }
+                    const diff = allIDs.filter((id) => !ids.includes(id));
+                    /**
+                     * Don't waste a request if there is nothing to send
+                     */
+                    if (diff.length === 0) {
+                        continue;
+                    }
+                    await db.redis.sadd(key, ...allIDs);
+                }
+            }
+            /**
+             * Do not await sync. This should not run in the critical path.
+             */
+            sync();
+            return {
+                success: remaining > 0,
+                limit: tokens,
+                remaining,
+                reset: (bucket + 1) * windowDuration,
+            };
+        };
+    }
+    /**
+     * Combined approach of `slidingLogs` and `fixedWindow` with lower storage
+     * costs than `slidingLogs` and improved boundary behavior by calcualting a
+     * weighted score between two windows.
+     *
+     * **Pro:**
+     *
+     * Good performance allows this to scale to very high loads.
+     *
+     * **Con:**
+     *
+     * Nothing major.
+     *
+     * @param tokens - How many requests a user can make in each time window.
+     * @param window - The duration in which the user can max X requests.
+     */
+    static slidingWindow(
+    /**
+     * How many requests are allowed per window.
+     */
+    tokens, 
+    /**
+     * The duration in which `tokens` requests are allowed.
+     */
+    window) {
+        const windowSize = (0, duration_js_1.ms)(window);
+        const script = `
+      local currentKey  = KEYS[1]           -- identifier including prefixes
+      local previousKey = KEYS[2]           -- key of the previous bucket
+      local tokens      = tonumber(ARGV[1]) -- tokens per window
+      local now         = ARGV[2]           -- current timestamp in milliseconds
+      local window      = ARGV[3]           -- interval in milliseconds
+      local requestID   = ARGV[4]           -- uuid for this request
+
+
+      local currentMembers = redis.call("SMEMBERS", currentKey)
+      local requestsInCurrentWindow = #currentMembers
+      local previousMembers = redis.call("SMEMBERS", previousKey)
+      local requestsInPreviousWindow = #previousMembers
+
+      local percentageInCurrent = ( now % window) / window
+      if requestsInPreviousWindow * ( 1 - percentageInCurrent ) + requestsInCurrentWindow >= tokens then
+        return {currentMembers, previousMembers}
+      end
+
+      redis.call("SADD", currentKey, requestID)
+      table.insert(currentMembers, requestID)
+      if requestsInCurrentWindow == 0 then 
+        -- The first time this key is set, the value will be 1.
+        -- So we only need the expire command once
+        redis.call("PEXPIRE", currentKey, window * 2 + 1000) -- Enough time to overlap with a new window + 1 second
+      end
+      return {currentMembers, previousMembers}
+      `;
+        const windowDuration = (0, duration_js_1.ms)(window);
+        return async function (ctx, identifier) {
+            const requestID = crypto.randomUUID();
+            const now = Date.now();
+            const currentWindow = Math.floor(now / windowSize);
+            const currentKey = [identifier, currentWindow].join(":");
+            const previousWindow = currentWindow - windowSize;
+            const previousKey = [identifier, previousWindow].join(":");
+            const dbs = ctx.redis.map((redis) => ({
+                redis,
+                request: redis.eval(script, [currentKey, previousKey], [tokens, now, windowDuration, requestID]),
+            }));
+            const percentageInCurrent = (now % windowDuration) / windowDuration;
+            const [current, previous] = await Promise.any(dbs.map((s) => s.request));
+            const usedTokens = previous.length * (1 - percentageInCurrent) +
+                current.length;
+            const remaining = tokens - usedTokens;
+            /**
+             * If a database differs from the consensus, we sync it
+             */
+            async function sync() {
+                const [individualIDs] = await Promise.all(dbs.map((s) => s.request));
+                const allIDs = Array.from(new Set(individualIDs.flatMap((_) => _)).values());
+                for (const db of dbs) {
+                    const [ids] = await db.request;
+                    /**
+                     * If the bucket in this db is already full, it doesn't matter which ids it contains.
+                     * So we do not have to sync.
+                     */
+                    if (ids.length >= tokens) {
+                        continue;
+                    }
+                    const diff = allIDs.filter((id) => !ids.includes(id));
+                    /**
+                     * Don't waste a request if there is nothing to send
+                     */
+                    if (diff.length === 0) {
+                        continue;
+                    }
+                    await db.redis.sadd(currentKey, ...allIDs);
+                }
+            }
+            /**
+             * Do not await sync. This should not run in the critical path.
+             */
+            sync();
+            return {
+                success: remaining > 0,
+                limit: tokens,
+                remaining,
+                reset: (currentWindow + 1) * windowDuration,
+            };
+        };
+    }
+}
+exports.GlobalRatelimit = GlobalRatelimit;

package/script/mod.js

@@ -1,5 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Ratelimit = void 0;
+exports.GlobalRatelimit = exports.Ratelimit = void 0;
 var region_js_1 = require("./region.js");
 Object.defineProperty(exports, "Ratelimit", { enumerable: true, get: function () { return region_js_1.RegionRatelimit; } });
+var global_js_1 = require("./global.js");
+Object.defineProperty(exports, "GlobalRatelimit", { enumerable: true, get: function () { return global_js_1.GlobalRatelimit; } });

package/types/global.d.ts

@@ -0,0 +1,98 @@
+import type { Duration } from "./duration.js";
+import type { Algorithm, GlobalContext } from "./types.js";
+import { Ratelimit } from "./ratelimit.js";
+import type { Redis } from "./types.js";
+export declare type GlobalRatelimitConfig = {
+    /**
+     * Instances of `@upstash/redis`
+     * @see https://github.com/upstash/upstash-redis#quick-start
+     */
+    redis: Redis[];
+    /**
+     * The ratelimiter function to use.
+     *
+     * Choose one of the predefined ones or implement your own.
+     * Available algorithms are exposed via static methods:
+     * - GlobalRatelimit.fixedWindow
+     */
+    limiter: Algorithm<GlobalContext>;
+    /**
+     * All keys in redis are prefixed with this.
+     *
+     * @default `@upstash/ratelimit`
+     */
+    prefix?: string;
+};
+/**
+ * Ratelimiter using serverless redis from https://upstash.com/
+ *
+ * @example
+ * ```ts
+ * const { limit } = new GlobalRatelimit({
+ *    redis: Redis.fromEnv(),
+ *    limiter: GlobalRatelimit.fixedWindow(
+ *      10,     // Allow 10 requests per window of 30 minutes
+ *      "30 m", // interval of 30 minutes
+ *    )
+ * })
+ *
+ * ```
+ */
+export declare class GlobalRatelimit extends Ratelimit<GlobalContext> {
+    /**
+     * Create a new Ratelimit instance by providing a `@upstash/redis` instance and the algorithn of your choice.
+     */
+    constructor(config: GlobalRatelimitConfig);
+    /**
+     * Each requests inside a fixed time increases a counter.
+     * Once the counter reaches a maxmimum allowed number, all further requests are
+     * rejected.
+     *
+     * **Pro:**
+     *
+     * - Newer requests are not starved by old ones.
+     * - Low storage cost.
+     *
+     * **Con:**
+     *
+     * A burst of requests near the boundary of a window can result in a very
+     * high request rate because two windows will be filled with requests quickly.
+     *
+     * @param tokens - How many requests a user can make in each time window.
+     * @param window - A fixed timeframe
+     */
+    static fixedWindow(
+    /**
+     * How many requests are allowed per window.
+     */
+    tokens: number, 
+    /**
+     * The duration in which `tokens` requests are allowed.
+     */
+    window: Duration): Algorithm<GlobalContext>;
+    /**
+     * Combined approach of `slidingLogs` and `fixedWindow` with lower storage
+     * costs than `slidingLogs` and improved boundary behavior by calcualting a
+     * weighted score between two windows.
+     *
+     * **Pro:**
+     *
+     * Good performance allows this to scale to very high loads.
+     *
+     * **Con:**
+     *
+     * Nothing major.
+     *
+     * @param tokens - How many requests a user can make in each time window.
+     * @param window - The duration in which the user can max X requests.
+     */
+    static slidingWindow(
+    /**
+     * How many requests are allowed per window.
+     */
+    tokens: number, 
+    /**
+     * The duration in which `tokens` requests are allowed.
+     */
+    window: Duration): Algorithm<GlobalContext>;
+}

package/types/mod.d.ts

@@ -1,3 +1,5 @@
 export { RegionRatelimit as Ratelimit } from "./region.js";
 export type { RegionRatelimitConfig as RatelimitConfig } from "./region.js";
+export { GlobalRatelimit } from "./global.js";
+export type { GlobalRatelimitConfig } from "./global.js";
 export type { Algorithm } from "./types.js";