feat: implement per-user rate limiting with token bucket algorithm

Add comprehensive rate limiting package that works seamlessly with NIP-98 authentication. Features: - Token bucket algorithm (allows bursts, smooth average rate) - Per-pubkey limits for authenticated users - Per-IP limits for unauthenticated users (fallback) - Method-specific overrides (e.g., stricter for PublishEvent) - Per-user custom limits (VIP/admin tiers) - Standard gRPC interceptors (chain after auth) - Automatic cleanup of idle limiters - Statistics tracking (allowed/denied/denial rate) Configuration options: - Default rate limits and burst sizes - Method-specific overrides - User-specific overrides (with method overrides) - Skip methods (health checks, public endpoints) - Skip users (admins, monitoring) - Configurable cleanup intervals Performance: - In-memory (200 bytes per user) - O(1) lookups with sync.RWMutex - ~85ns per rate limit check - Periodic cleanup to free memory Returns gRPC ResourceExhausted (HTTP 429) when limits exceeded. Includes comprehensive tests, benchmarks, and detailed README with usage examples, configuration reference, and security considerations.
author: bndw <ben@bdw.to> 2026-02-14 08:58:57 -0800
committer: bndw <ben@bdw.to> 2026-02-14 08:58:57 -0800
commit: f0169fa1f9d2e2a5d1c292b9080da10ef0878953 (patch)
tree: c85d31dfbf270fe4ebbe2c53bdbb96c0a0a45ace /go.mod
parent: 44aa0591b0eed7851e961ea17bd1c9601570ac24 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/go.mod b/go.mod
index c69f481..ed24c3e 100644
--- a/go.mod
+++ b/go.mod
@@ -24,6 +24,7 @@ require (
        golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 // indirect
        golang.org/x/sys v0.41.0 // indirect
        golang.org/x/text v0.34.0 // indirect
+        golang.org/x/time v0.14.0 // indirect
        google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect
        modernc.org/libc v1.67.6 // indirect
        modernc.org/mathutil v1.7.1 // indirect
author	bndw <ben@bdw.to>	2026-02-14 08:58:57 -0800
committer	bndw <ben@bdw.to>	2026-02-14 08:58:57 -0800
commit	f0169fa1f9d2e2a5d1c292b9080da10ef0878953 (patch)
tree	c85d31dfbf270fe4ebbe2c53bdbb96c0a0a45ace /go.mod
parent	44aa0591b0eed7851e961ea17bd1c9601570ac24 (diff)

diff --git a/go.mod b/go.mod index c69f481..ed24c3e 100644 --- a/go.mod +++ b/go.mod
@@ -24,6 +24,7 @@ require (
24	golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 // indirect	24	golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 // indirect
25	golang.org/x/sys v0.41.0 // indirect	25	golang.org/x/sys v0.41.0 // indirect
26	golang.org/x/text v0.34.0 // indirect	26	golang.org/x/text v0.34.0 // indirect
		27	golang.org/x/time v0.14.0 // indirect
27	google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect	28	google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect
28	modernc.org/libc v1.67.6 // indirect	29	modernc.org/libc v1.67.6 // indirect
29	modernc.org/mathutil v1.7.1 // indirect	30	modernc.org/mathutil v1.7.1 // indirect