I've tried to follow some questions with no luck:
Due to outside of context issue I created a limiter function in a util.py file as follow:
def limiter():
_limiter = Limiter(
app,
key_func=get_remote_address
)
return _limiter
And in my Flask-Restful API resource I have called this limiter in method-decorators:
from ..utils import limiter
class UsersView(Resource, CustomAPIMixin):
method_decorators = [limiter().limit("1/minute", methods=["GET"])]
@jwt_authenticate()
def get(self):
user_id = get_jwt_identity()
return self.api_response(content={"user_id": user_id})
NOTE: I'm using Flask version 2 and Flask-Limiter 1.4
EDIT-1:
my_api
models
scripts
views
users.py
__init__.py # contains create_app() to return Flask app
utils.py. # contains custom rate_limit() function
EDIT-2: Here is the full working code that Flask-Limiter does not work on:
The Flask-Limiter documentation gives an example that fits this case: https://flask-limiter.readthedocs.io/en/stable/#using-flask-pluggable-views
If you set decorators instead of method_decorators it should fix your issue.
Here is a fully working sample that demonstrates rate limiting for the provided code.
from flask import Flask
from flask_restful import Resource, Api
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address
app = Flask(__name__)
api = Api(app)
def limiter():
_limiter = Limiter(
app,
key_func=get_remote_address
)
return _limiter
class CustomAPIMixin:
def api_response(self, content):
return content
def get_jwt_identity():
return 0
class UsersView(Resource, CustomAPIMixin):
decorators = [limiter().limit("1/minute", methods=["GET"])]
# @jwt_authenticate()
def get(self):
user_id = get_jwt_identity()
return self.api_response(content={"user_id": user_id})
api.add_resource(UsersView, '/')
if __name__ == '__main__':
app.run(debug=True)