Managing rate limiting per client

I’m in the process of adding rate limiting to my GraphQL API. I’d like to do something similar to GitHub’s API where clients are allocated a certain amount of points for a time window and points are “exchanged” for query complexity.

I looked into the phase of the pipeline that calculates the query complexity in Absinthe and I’m trying to add the 2 following behaviors:

  • when a query of complexity N is received, subtract N from the points of the client
  • expose a rateLimit query that clients can use to receive their current point count/refresh timestamp

My plan is to add a phase to the pipeline to calculate the query complexity, do the math on the client’s point count and store the rate limit information in the context. This allows my rateLimit resolver to have access to this information to return the data.

I’m only partially done implementing this, and my question is: am I overcomplicating this? Is there a simpler way to achieve this behavior that doesn’t require messing with the pipeline and updating the context from there? It feels a little hacky.

1 Like