How to add rate limiting to Rust API

Add the actix-web and actix-web-rust-embed crates to your Cargo.toml, then configure a RateLimiter middleware in your main.rs to restrict requests per IP.

[dependencies]
actix-web = "4"
actix-web-rust-embed = "2"
actix-web-actors = "4"

use actix_web::{web, App, HttpServer, HttpResponse, middleware};
use actix_web::middleware::DefaultHeaders;

#[actix_web::main]
async fn main() -> std::io::Result<()> {
    HttpServer::new(|| {
        App::new()
            .wrap(middleware::DefaultHeaders::new().add(("X-RateLimit-Limit", "100")))
            .route("/", web::get().to(|| async { HttpResponse::Ok().body("Hello, world!") }))
    })
    .bind("127.0.0.1:8080")?
    .run()
    .await
}

Note: For production-grade rate limiting, use the actix-web-rate-limit crate or implement a custom middleware using dashmap for in-memory tracking, as the standard library does not include built-in rate limiting.

Rate limiting is like a bouncer at a club who only lets a certain number of people in per minute. It protects your API from being overwhelmed by too many requests at once, ensuring it stays fast and available for everyone. You use it when you need to prevent abuse or accidental traffic spikes from crashing your server.