Release Notes Draft
Added
- Added optional resource-scoped rate limiting on top of the existing
v2API. - Added
core.ResourcePolicy,core.ResourceConfig, andcore.ResourceLimiter. - Added
gorl.NewResourceLimiter(...)for creating per-resource policy groups while keeping a shared strategy and storage backend. - Added
AllowResource(ctx, resource, key)for applying different limits to different resources without changing existingAllow(ctx, key)usage. - Added resource-aware middleware entry points for
net/http, Gin, Fiber, and Echo viaRateLimitByResource(...). - Added
config.LoadResourceConfig(...)to load resource-scoped limiter configuration from JSON or YAML. - Added support for both flat config files and namespaced
gorl:config roots.
Compatibility
- Existing
v2usage remains unchanged. - Current users can continue using
gorl.New(core.Config{...})andAllow(ctx, key)exactly as before. - Resource-scoped limits are an additive capability and do not remove or alter existing limiter behavior.
Usage
Classic usage is still supported:
limiter, err := gorl.New(core.Config{
Strategy: core.SlidingWindow,
Limit: 5,
Window: time.Minute,
})
res, err := limiter.Allow(ctx, "user-123")New resource-scoped usage:
limiter, err := gorl.NewResourceLimiter(core.ResourceConfig{
Strategy: core.SlidingWindow,
DefaultPolicy: core.ResourcePolicy{
Limit: 100,
Window: time.Minute,
},
Resources: map[string]core.ResourcePolicy{
"login": {Limit: 5, Window: time.Minute},
"search": {Limit: 50, Window: time.Second},
},
})
res, err := limiter.AllowResource(ctx, "login", "user-123")YAML example:
gorl:
strategy: sliding_window
default:
limit: 100
window: 1m
resources:
login:
limit: 5
window: 1m
search:
limit: 50
window: 1sNotes
- Unknown resources use
DefaultPolicy. - The built-in limiter algorithms were reused; this change adds routing and configuration support rather than changing limiter math.
- No migration is required for existing users unless they want to adopt resource-scoped limits.