En/rate limiter

[Umang01-hash]

Add Rate Limiting Support for HTTP Services

This PR adds rate limiting capabilities to # Add Rate Limiting Support for HTTP Services

This PR adds rate limiting capabilities to GoFr's HTTP service clients using the token bucket algorithm. It provides both local (in-memory) and distributed (Redis-based) implementations to suit different deployment scenarios.

Features

• Two Implementation Strategies:

  • Local (In-Memory): For single-instance deployments
  • Distributed (Redis): For multi-instance production deployments using atomic Lua scripts

• Core Features:

  • Configurable requests per second (RPS) and burst limits
  • Sub-1 RPS support (e.g., 0.5 requests/second)
  • Custom service key extraction support

Usage Example

// For distributed rate limiting (multi-instance)
a.AddHTTPService("payment-api", "http://localhost:9005",
    &service.RateLimiterConfig{
        RequestsPerSecond: 1,    // 1 request per second
        Burst:            3,     // Allow bursts up to 3 requests
        RedisClient:      rc,    // Redis client for distributed limiting
    },
)

// For local rate limiting (single instance)
a.AddHTTPService("payment-api", "http://localhost:9005",
    &service.RateLimiterConfig{
        RequestsPerSecond: 1,    // 1 request per second
        Burst:            3,     // Allow bursts up to 3 requests
    },
) 

Usage Screenshots:

• Logs

• Metrics

Checklist:

• I have formatted my code using goimport and golangci-lint.
• All new code is covered by unit tests.
• This PR does not decrease the overall code coverage.
• I have reviewed the code comments and documentation for clarity.

Thank you for your contribution!

[akshat-kumar-singhal]

@Umang01-hash We should consider having support for generic time window, i.e. not limit to per second. Most systems have per minute/hour limits.

[Umang01-hash]

@akshat-kumar-singhal sure fixed the same

Users can use it like:

// Per-second rate limiting
app.AddHTTPService("fast-api", "https://fast.api.com",
    &service.RateLimiterConfig{
        Requests: 10,           // 10 requests per second
        Window:   time.Second,  // Explicit time window
        Burst:    15,
    },
)

// Per-hour rate limiting
app.AddHTTPService("batch-api", "https://batch.api.com",
    &service.RateLimiterConfig{
        Requests: 1000,        // 1000 requests per hour
        Window:   time.Hour,   // Hourly window
        Burst:    1200,
    },
)

[coolwednesday]

1. Validate Window ≥1 ms
   Prevent micro/nanosecond windows that spike CPU and precision issues:
   if config.Window<time.Millisecond { return fmt.Errorf("min window 1ms, got %v",config.Window) }

2. RPS Calculation
   Avoid repeated division: compute once and reuse cachedRPS.

3. Preload Lua Script
   Load script SHA on init and use EVALSHA to skip re-compiling on every Redis call.

[akshat-kumar-singhal]

Altering an exported interface is a breaking change

[akshat-kumar-singhal]

this config should be validated

[akshat-kumar-singhal]

Additional validation: Burst size should be greater than requests per unit time

[akshat-kumar-singhal]

Burst can be optional - set equal to Requests in case not configured/zero.

[akshat-kumar-singhal]

Error message should be updated as we are supporting other time windows as well

[akshat-kumar-singhal]

Should this be a "cache interface" or "rate limiter bucket" instance instead of specifically Redis? That way the implementation difference between Redis/Local would just be at the storage level and not in the core functionality