@upstash/ratelimit 2.0.7 → 2.0.8

package/dist/index.mjs

@@ -109,6 +109,10 @@ var Cache = class {
   }
 };
 
+// src/constants.ts
+var DYNAMIC_LIMIT_KEY_SUFFIX = ":dynamic:global";
+var DEFAULT_PREFIX = "@upstash/ratelimit";
+
 // src/duration.ts
 function ms(d) {
   const match = d.match(/^(\d+)\s?(ms|s|m|h|d)$/);
@@ -154,8 +158,19 @@ var safeEval = async (ctx, script, keys, args) => {
 // src/lua-scripts/single.ts
 var fixedWindowLimitScript = `
   local key           = KEYS[1]
-  local window        = ARGV[1]
-  local incrementBy   = ARGV[2] -- increment rate per request at a given value, default is 1
+  local dynamicLimitKey = KEYS[2]  -- optional: key for dynamic limit in redis
+  local tokens        = tonumber(ARGV[1])  -- default limit
+  local window        = ARGV[2]
+  local incrementBy   = ARGV[3] -- increment rate per request at a given value, default is 1
+
+  -- Check for dynamic limit
+  local effectiveLimit = tokens
+  if dynamicLimitKey ~= "" then
+    local dynamicLimit = redis.call("GET", dynamicLimitKey)
+    if dynamicLimit then
+      effectiveLimit = tonumber(dynamicLimit)
+    end
+  end
 
   local r = redis.call("INCRBY", key, incrementBy)
   if r == tonumber(incrementBy) then
@@ -164,26 +179,48 @@ var fixedWindowLimitScript = `
   redis.call("PEXPIRE", key, window)
   end
 
-  return r
+  return {r, effectiveLimit}
 `;
 var fixedWindowRemainingTokensScript = `
-      local key = KEYS[1]
-      local tokens = 0
+  local key = KEYS[1]
+  local dynamicLimitKey = KEYS[2]  -- optional: key for dynamic limit in redis
+  local tokens = tonumber(ARGV[1])  -- default limit
 
-      local value = redis.call('GET', key)
-      if value then
-          tokens = value
-      end
-      return tokens
-    `;
+  -- Check for dynamic limit
+  local effectiveLimit = tokens
+  if dynamicLimitKey ~= "" then
+    local dynamicLimit = redis.call("GET", dynamicLimitKey)
+    if dynamicLimit then
+      effectiveLimit = tonumber(dynamicLimit)
+    end
+  end
+
+  local value = redis.call('GET', key)
+  local usedTokens = 0
+  if value then
+    usedTokens = tonumber(value)
+  end
+  
+  return {effectiveLimit - usedTokens, effectiveLimit}
+`;
 var slidingWindowLimitScript = `
   local currentKey  = KEYS[1]           -- identifier including prefixes
   local previousKey = KEYS[2]           -- key of the previous bucket
-  local tokens      = tonumber(ARGV[1]) -- tokens per window
+  local dynamicLimitKey = KEYS[3]       -- optional: key for dynamic limit in redis
+  local tokens      = tonumber(ARGV[1]) -- default tokens per window
   local now         = ARGV[2]           -- current timestamp in milliseconds
   local window      = ARGV[3]           -- interval in milliseconds
   local incrementBy = tonumber(ARGV[4]) -- increment rate per request at a given value, default is 1
 
+  -- Check for dynamic limit
+  local effectiveLimit = tokens
+  if dynamicLimitKey ~= "" then
+    local dynamicLimit = redis.call("GET", dynamicLimitKey)
+    if dynamicLimit then
+      effectiveLimit = tonumber(dynamicLimit)
+    end
+  end
+
   local requestsInCurrentWindow = redis.call("GET", currentKey)
   if requestsInCurrentWindow == false then
     requestsInCurrentWindow = 0
@@ -198,8 +235,8 @@ var slidingWindowLimitScript = `
   requestsInPreviousWindow = math.floor(( 1 - percentageInCurrent ) * requestsInPreviousWindow)
 
   -- Only check limit if not refunding (negative rate)
-  if incrementBy > 0 and requestsInPreviousWindow + requestsInCurrentWindow >= tokens then
-    return -1
+  if incrementBy > 0 and requestsInPreviousWindow + requestsInCurrentWindow >= effectiveLimit then
+    return {-1, effectiveLimit}
   end
 
   local newValue = redis.call("INCRBY", currentKey, incrementBy)
@@ -208,13 +245,24 @@ var slidingWindowLimitScript = `
     -- So we only need the expire command once
     redis.call("PEXPIRE", currentKey, window * 2 + 1000) -- Enough time to overlap with a new window + 1 second
   end
-  return tokens - ( newValue + requestsInPreviousWindow )
+  return {effectiveLimit - ( newValue + requestsInPreviousWindow ), effectiveLimit}
 `;
 var slidingWindowRemainingTokensScript = `
   local currentKey  = KEYS[1]           -- identifier including prefixes
   local previousKey = KEYS[2]           -- key of the previous bucket
-  local now         = ARGV[1]           -- current timestamp in milliseconds
-  local window      = ARGV[2]           -- interval in milliseconds
+  local dynamicLimitKey = KEYS[3]       -- optional: key for dynamic limit in redis
+  local tokens      = tonumber(ARGV[1]) -- default tokens per window
+  local now         = ARGV[2]           -- current timestamp in milliseconds
+  local window      = ARGV[3]           -- interval in milliseconds
+
+  -- Check for dynamic limit
+  local effectiveLimit = tokens
+  if dynamicLimitKey ~= "" then
+    local dynamicLimit = redis.call("GET", dynamicLimitKey)
+    if dynamicLimit then
+      effectiveLimit = tonumber(dynamicLimit)
+    end
+  end
 
   local requestsInCurrentWindow = redis.call("GET", currentKey)
   if requestsInCurrentWindow == false then
@@ -230,15 +278,26 @@ var slidingWindowRemainingTokensScript = `
   -- weighted requests to consider from the previous window
   requestsInPreviousWindow = math.floor(( 1 - percentageInCurrent ) * requestsInPreviousWindow)
 
-  return requestsInPreviousWindow + requestsInCurrentWindow
+  local usedTokens = requestsInPreviousWindow + requestsInCurrentWindow
+  return {effectiveLimit - usedTokens, effectiveLimit}
 `;
 var tokenBucketLimitScript = `
   local key         = KEYS[1]           -- identifier including prefixes
-  local maxTokens   = tonumber(ARGV[1]) -- maximum number of tokens
+  local dynamicLimitKey = KEYS[2]       -- optional: key for dynamic limit in redis
+  local maxTokens   = tonumber(ARGV[1]) -- default maximum number of tokens
   local interval    = tonumber(ARGV[2]) -- size of the window in milliseconds
   local refillRate  = tonumber(ARGV[3]) -- how many tokens are refilled after each interval
   local now         = tonumber(ARGV[4]) -- current timestamp in milliseconds
   local incrementBy = tonumber(ARGV[5]) -- how many tokens to consume, default is 1
+
+  -- Check for dynamic limit
+  local effectiveLimit = maxTokens
+  if dynamicLimitKey ~= "" then
+    local dynamicLimit = redis.call("GET", dynamicLimitKey)
+    if dynamicLimit then
+      effectiveLimit = tonumber(dynamicLimit)
+    end
+  end
         
   local bucket = redis.call("HMGET", key, "refilledAt", "tokens")
         
@@ -247,7 +306,7 @@ var tokenBucketLimitScript = `
 
   if bucket[1] == false then
     refilledAt = now
-    tokens = maxTokens
+    tokens = effectiveLimit
   else
     refilledAt = tonumber(bucket[1])
     tokens = tonumber(bucket[2])
@@ -255,38 +314,48 @@ var tokenBucketLimitScript = `
         
   if now >= refilledAt + interval then
     local numRefills = math.floor((now - refilledAt) / interval)
-    tokens = math.min(maxTokens, tokens + numRefills * refillRate)
+    tokens = math.min(effectiveLimit, tokens + numRefills * refillRate)
 
     refilledAt = refilledAt + numRefills * interval
   end
 
   -- Only reject if tokens are 0 and we're consuming (not refunding)
   if tokens == 0 and incrementBy > 0 then
-    return {-1, refilledAt + interval}
+    return {-1, refilledAt + interval, effectiveLimit}
   end
 
   local remaining = tokens - incrementBy
-  local expireAt = math.ceil(((maxTokens - remaining) / refillRate)) * interval
+  local expireAt = math.ceil(((effectiveLimit - remaining) / refillRate)) * interval
         
   redis.call("HSET", key, "refilledAt", refilledAt, "tokens", remaining)
 
   if (expireAt > 0) then
     redis.call("PEXPIRE", key, expireAt)
   end
-  return {remaining, refilledAt + interval}
+  return {remaining, refilledAt + interval, effectiveLimit}
 `;
 var tokenBucketIdentifierNotFound = -1;
 var tokenBucketRemainingTokensScript = `
   local key         = KEYS[1]
-  local maxTokens   = tonumber(ARGV[1])
+  local dynamicLimitKey = KEYS[2]       -- optional: key for dynamic limit in redis
+  local maxTokens   = tonumber(ARGV[1]) -- default maximum number of tokens
+
+  -- Check for dynamic limit
+  local effectiveLimit = maxTokens
+  if dynamicLimitKey ~= "" then
+    local dynamicLimit = redis.call("GET", dynamicLimitKey)
+    if dynamicLimit then
+      effectiveLimit = tonumber(dynamicLimit)
+    end
+  end
         
   local bucket = redis.call("HMGET", key, "refilledAt", "tokens")
 
   if bucket[1] == false then
-    return {maxTokens, ${tokenBucketIdentifierNotFound}}
+    return {effectiveLimit, ${tokenBucketIdentifierNotFound}, effectiveLimit}
   end
         
-  return {tonumber(bucket[2]), tonumber(bucket[1])}
+  return {tonumber(bucket[2]), tonumber(bucket[1]), effectiveLimit}
 `;
 var cachedFixedWindowLimitScript = `
   local key     = KEYS[1]
@@ -430,31 +499,31 @@ var SCRIPTS = {
     fixedWindow: {
       limit: {
         script: fixedWindowLimitScript,
-        hash: "b13943e359636db027ad280f1def143f02158c13"
+        hash: "472e55443b62f60d0991028456c57815a387066d"
       },
       getRemaining: {
         script: fixedWindowRemainingTokensScript,
-        hash: "8c4c341934502aee132643ffbe58ead3450e5208"
+        hash: "40515c9dd0a08f8584f5f9b593935f6a87c1c1c3"
       }
     },
     slidingWindow: {
       limit: {
         script: slidingWindowLimitScript,
-        hash: "9b7842963bd73721f1a3011650c23c0010848ee3"
+        hash: "977fb636fb5ceb7e98a96d1b3a1272ba018efdae"
       },
       getRemaining: {
         script: slidingWindowRemainingTokensScript,
-        hash: "65a73ac5a05bf9712903bc304b77268980c1c417"
+        hash: "ee3a3265fad822f83acad23f8a1e2f5c0b156b03"
       }
     },
     tokenBucket: {
       limit: {
         script: tokenBucketLimitScript,
-        hash: "d1f857ebbdaeca90ccd2cd4eada61d7c8e5db1ca"
+        hash: "b35c5bc0b7fdae7dd0573d4529911cabaf9d1d89"
       },
       getRemaining: {
         script: tokenBucketRemainingTokensScript,
-        hash: "a15be2bb1db2a15f7c82db06146f9d08983900d0"
+        hash: "deb03663e8af5a968deee895dd081be553d2611b"
       }
     },
     cachedFixedWindow: {
@@ -667,14 +736,20 @@ var Ratelimit = class {
   analytics;
   enableProtection;
   denyListThreshold;
+  dynamicLimits;
   constructor(config) {
     this.ctx = config.ctx;
     this.limiter = config.limiter;
     this.timeout = config.timeout ?? 5e3;
-    this.prefix = config.prefix ?? "@upstash/ratelimit";
+    this.prefix = config.prefix ?? DEFAULT_PREFIX;
+    this.dynamicLimits = config.dynamicLimits ?? false;
     this.enableProtection = config.enableProtection ?? false;
     this.denyListThreshold = config.denyListThreshold ?? 6;
     this.primaryRedis = "redis" in this.ctx ? this.ctx.redis : this.ctx.regionContexts[0].redis;
+    if ("redis" in this.ctx) {
+      this.ctx.dynamicLimits = this.dynamicLimits;
+      this.ctx.prefix = this.prefix;
+    }
     this.analytics = config.analytics ? new Analytics({
       redis: this.primaryRedis,
       prefix: this.prefix
@@ -788,9 +863,9 @@ var Ratelimit = class {
    * Returns the remaining token count together with a reset timestamps
    * 
    * @param identifier identifir to check
-   * @returns object with `remaining` and reset fields. `remaining` denotes
-   *          the remaining tokens and reset denotes the timestamp when the
-   *          tokens reset.
+   * @returns object with `remaining`, `reset`, and `limit` fields. `remaining` denotes
+   *          the remaining tokens, `limit` is the effective limit (considering dynamic
+   *          limits if enabled), and `reset` denotes the timestamp when the tokens reset.
    */
   getRemaining = async (identifier) => {
     const pattern = [this.prefix, identifier].join(":");
@@ -906,6 +981,59 @@ var Ratelimit = class {
     const members = [identifier, req?.ip, req?.userAgent, req?.country];
     return members.filter(Boolean);
   };
+  /**
+   * Set a dynamic rate limit globally.
+   * 
+   * When dynamicLimits is enabled, this limit will override the default limit
+   * set in the constructor for all requests.
+   * 
+   * @example
+   * ```ts
+   * const ratelimit = new Ratelimit({
+   *   redis: Redis.fromEnv(),
+   *   limiter: Ratelimit.slidingWindow(10, "10 s"),
+   *   dynamicLimits: true
+   * });
+   * 
+   * // Set global dynamic limit to 120 requests
+   * await ratelimit.setDynamicLimit({ limit: 120 });
+   * 
+   * // Disable dynamic limit (falls back to default)
+   * await ratelimit.setDynamicLimit({ limit: false });
+   * ```
+   * 
+   * @param options.limit - The new rate limit to apply globally, or false to disable
+   */
+  setDynamicLimit = async (options) => {
+    if (!this.dynamicLimits) {
+      throw new Error(
+        "dynamicLimits must be enabled in the Ratelimit constructor to use setDynamicLimit()"
+      );
+    }
+    const globalKey = `${this.prefix}${DYNAMIC_LIMIT_KEY_SUFFIX}`;
+    await (options.limit === false ? this.primaryRedis.del(globalKey) : this.primaryRedis.set(globalKey, options.limit));
+  };
+  /**
+   * Get the current global dynamic rate limit.
+   * 
+   * @example
+   * ```ts
+   * const { dynamicLimit } = await ratelimit.getDynamicLimit();
+   * console.log(dynamicLimit); // 120 or null if not set
+   * ```
+   * 
+   * @returns Object containing the current global dynamic limit, or null if not set
+   */
+  getDynamicLimit = async () => {
+    if (!this.dynamicLimits) {
+      throw new Error(
+        "dynamicLimits must be enabled in the Ratelimit constructor to use getDynamicLimit()"
+      );
+    }
+    const globalKey = `${this.prefix}${DYNAMIC_LIMIT_KEY_SUFFIX}`;
+    const result = await this.primaryRedis.get(globalKey);
+    return { dynamicLimit: result === null ? null : Number(result) };
+  };
 };
 
 // src/multi.ts
@@ -928,13 +1056,20 @@ var MultiRegionRatelimit = class extends Ratelimit {
       limiter: config.limiter,
       timeout: config.timeout,
       analytics: config.analytics,
+      dynamicLimits: config.dynamicLimits,
       ctx: {
         regionContexts: config.redis.map((redis) => ({
-          redis
+          redis,
+          prefix: config.prefix ?? DEFAULT_PREFIX
         })),
         cache: config.ephemeralCache ? new Cache(config.ephemeralCache) : void 0
       }
     });
+    if (config.dynamicLimits) {
+      console.warn(
+        "Warning: Dynamic limits are not yet supported for multi-region rate limiters. The dynamicLimits option will be ignored."
+      );
+    }
   }
   /**
    * Each request inside a fixed time increases a counter.
@@ -1084,7 +1219,8 @@ var MultiRegionRatelimit = class extends Ratelimit {
         );
         return {
           remaining: Math.max(0, tokens - usedTokens),
-          reset: (bucket + 1) * windowDuration
+          reset: (bucket + 1) * windowDuration,
+          limit: tokens
         };
       },
       async resetTokens(ctx, identifier) {
@@ -1260,7 +1396,8 @@ var MultiRegionRatelimit = class extends Ratelimit {
         const usedTokens = await Promise.any(dbs.map((s) => s.request));
         return {
           remaining: Math.max(0, tokens - usedTokens),
-          reset: (currentWindow + 1) * windowSize
+          reset: (currentWindow + 1) * windowSize,
+          limit: tokens
         };
       },
       async resetTokens(ctx, identifier) {
@@ -1290,11 +1427,13 @@ var RegionRatelimit = class extends Ratelimit {
       timeout: config.timeout,
       analytics: config.analytics,
       ctx: {
-        redis: config.redis
+        redis: config.redis,
+        prefix: config.prefix ?? DEFAULT_PREFIX
       },
       ephemeralCache: config.ephemeralCache,
       enableProtection: config.enableProtection,
-      denyListThreshold: config.denyListThreshold
+      denyListThreshold: config.denyListThreshold,
+      dynamicLimits: config.dynamicLimits
     });
   }
   /**
@@ -1335,14 +1474,15 @@ var RegionRatelimit = class extends Ratelimit {
             };
           }
         }
-        const usedTokensAfterUpdate = await safeEval(
+        const dynamicLimitKey = ctx.dynamicLimits ? `${ctx.prefix}${DYNAMIC_LIMIT_KEY_SUFFIX}` : "";
+        const [usedTokensAfterUpdate, effectiveLimit] = await safeEval(
           ctx,
           SCRIPTS.singleRegion.fixedWindow.limit,
-          [key],
-          [windowDuration, incrementBy]
+          [key, dynamicLimitKey],
+          [tokens, windowDuration, incrementBy]
         );
-        const success = usedTokensAfterUpdate <= tokens;
-        const remainingTokens = Math.max(0, tokens - usedTokensAfterUpdate);
+        const success = usedTokensAfterUpdate <= effectiveLimit;
+        const remainingTokens = Math.max(0, effectiveLimit - usedTokensAfterUpdate);
         const reset = (bucket + 1) * windowDuration;
         if (ctx.cache) {
           if (!success) {
@@ -1353,7 +1493,7 @@ var RegionRatelimit = class extends Ratelimit {
         }
         return {
           success,
-          limit: tokens,
+          limit: effectiveLimit,
           remaining: remainingTokens,
           reset,
           pending: Promise.resolve()
@@ -1362,15 +1502,17 @@ var RegionRatelimit = class extends Ratelimit {
       async getRemaining(ctx, identifier) {
         const bucket = Math.floor(Date.now() / windowDuration);
         const key = [identifier, bucket].join(":");
-        const usedTokens = await safeEval(
+        const dynamicLimitKey = ctx.dynamicLimits ? `${ctx.prefix}${DYNAMIC_LIMIT_KEY_SUFFIX}` : "";
+        const [remaining, effectiveLimit] = await safeEval(
           ctx,
           SCRIPTS.singleRegion.fixedWindow.getRemaining,
-          [key],
-          [null]
+          [key, dynamicLimitKey],
+          [tokens]
         );
         return {
-          remaining: Math.max(0, tokens - usedTokens),
-          reset: (bucket + 1) * windowDuration
+          remaining: Math.max(0, remaining),
+          reset: (bucket + 1) * windowDuration,
+          limit: effectiveLimit
         };
       },
       async resetTokens(ctx, identifier) {
@@ -1426,10 +1568,11 @@ var RegionRatelimit = class extends Ratelimit {
             };
           }
         }
-        const remainingTokens = await safeEval(
+        const dynamicLimitKey = ctx.dynamicLimits ? `${ctx.prefix}${DYNAMIC_LIMIT_KEY_SUFFIX}` : "";
+        const [remainingTokens, effectiveLimit] = await safeEval(
           ctx,
           SCRIPTS.singleRegion.slidingWindow.limit,
-          [currentKey, previousKey],
+          [currentKey, previousKey, dynamicLimitKey],
           [tokens, now, windowSize, incrementBy]
         );
         const success = remainingTokens >= 0;
@@ -1443,7 +1586,7 @@ var RegionRatelimit = class extends Ratelimit {
         }
         return {
           success,
-          limit: tokens,
+          limit: effectiveLimit,
           remaining: Math.max(0, remainingTokens),
           reset,
           pending: Promise.resolve()
@@ -1455,15 +1598,17 @@ var RegionRatelimit = class extends Ratelimit {
         const currentKey = [identifier, currentWindow].join(":");
         const previousWindow = currentWindow - 1;
         const previousKey = [identifier, previousWindow].join(":");
-        const usedTokens = await safeEval(
+        const dynamicLimitKey = ctx.dynamicLimits ? `${ctx.prefix}${DYNAMIC_LIMIT_KEY_SUFFIX}` : "";
+        const [remaining, effectiveLimit] = await safeEval(
           ctx,
           SCRIPTS.singleRegion.slidingWindow.getRemaining,
-          [currentKey, previousKey],
-          [now, windowSize]
+          [currentKey, previousKey, dynamicLimitKey],
+          [tokens, now, windowSize]
         );
         return {
-          remaining: Math.max(0, tokens - usedTokens),
-          reset: (currentWindow + 1) * windowSize
+          remaining: Math.max(0, remaining),
+          reset: (currentWindow + 1) * windowSize,
+          limit: effectiveLimit
         };
       },
       async resetTokens(ctx, identifier) {
@@ -1512,10 +1657,11 @@ var RegionRatelimit = class extends Ratelimit {
             };
           }
         }
-        const [remaining, reset] = await safeEval(
+        const dynamicLimitKey = ctx.dynamicLimits ? `${ctx.prefix}${DYNAMIC_LIMIT_KEY_SUFFIX}` : "";
+        const [remaining, reset, effectiveLimit] = await safeEval(
           ctx,
           SCRIPTS.singleRegion.tokenBucket.limit,
-          [identifier],
+          [identifier, dynamicLimitKey],
           [maxTokens, intervalDuration, refillRate, now, incrementBy]
         );
         const success = remaining >= 0;
@@ -1528,24 +1674,26 @@ var RegionRatelimit = class extends Ratelimit {
         }
         return {
           success,
-          limit: maxTokens,
-          remaining,
+          limit: effectiveLimit,
+          remaining: Math.max(0, remaining),
           reset,
           pending: Promise.resolve()
         };
       },
       async getRemaining(ctx, identifier) {
-        const [remainingTokens, refilledAt] = await safeEval(
+        const dynamicLimitKey = ctx.dynamicLimits ? `${ctx.prefix}${DYNAMIC_LIMIT_KEY_SUFFIX}` : "";
+        const [remainingTokens, refilledAt, effectiveLimit] = await safeEval(
           ctx,
           SCRIPTS.singleRegion.tokenBucket.getRemaining,
-          [identifier],
+          [identifier, dynamicLimitKey],
           [maxTokens]
         );
         const freshRefillAt = Date.now() + intervalDuration;
         const identifierRefillsAt = refilledAt + intervalDuration;
         return {
-          remaining: remainingTokens,
-          reset: refilledAt === tokenBucketIdentifierNotFound ? freshRefillAt : identifierRefillsAt
+          remaining: Math.max(0, remainingTokens),
+          reset: refilledAt === tokenBucketIdentifierNotFound ? freshRefillAt : identifierRefillsAt,
+          limit: effectiveLimit
         };
       },
       async resetTokens(ctx, identifier) {
@@ -1593,6 +1741,11 @@ var RegionRatelimit = class extends Ratelimit {
         if (!ctx.cache) {
           throw new Error("This algorithm requires a cache");
         }
+        if (ctx.dynamicLimits) {
+          console.warn(
+            "Warning: Dynamic limits are not yet supported for cachedFixedWindow algorithm. The dynamicLimits option will be ignored."
+          );
+        }
         const bucket = Math.floor(Date.now() / windowDuration);
         const key = [identifier, bucket].join(":");
         const reset = (bucket + 1) * windowDuration;
@@ -1642,7 +1795,8 @@ var RegionRatelimit = class extends Ratelimit {
           const cachedUsedTokens = ctx.cache.get(key) ?? 0;
           return {
             remaining: Math.max(0, tokens - cachedUsedTokens),
-            reset: (bucket + 1) * windowDuration
+            reset: (bucket + 1) * windowDuration,
+            limit: tokens
           };
         }
         const usedTokens = await safeEval(
@@ -1653,7 +1807,8 @@ var RegionRatelimit = class extends Ratelimit {
         );
         return {
           remaining: Math.max(0, tokens - usedTokens),
-          reset: (bucket + 1) * windowDuration
+          reset: (bucket + 1) * windowDuration,
+          limit: tokens
         };
       },
       async resetTokens(ctx, identifier) {