# Postgres to Redis Rate Limiting Migration Reference

## Overview

This document provides guidance for migrating API rate limiting from Postgres to Redis in the Fiddy Finance Buddy App. It covers:

- Rate limiting tiers and keying strategies
- Migration triggers and operational considerations
- Redis setup, scaling, monitoring, and best practices
- Example config (not enabled by default)

---

## Rate Limiting Tiers & Keying

- **Auth endpoints (login/register):** Strict limits per IP and identifier (email)
- **Write endpoints (POST/PUT/DELETE):** Moderate limits per user and IP
- **Read endpoints (GET):** Higher limits per user and IP
- **Keying:**
  - Unauthenticated: IP only
  - Auth endpoints: IP + email
  - Authenticated: user ID + IP

---

## Migration Triggers

Switch to Redis if:

- API request volume or burst traffic causes DB contention or latency
- Postgres rate limit table grows rapidly or cleanup becomes burdensome
- You need native TTL, atomic counters, or horizontal scaling

---

## Redis Management & Planning

### Setup

- Provision Redis (self-hosted or managed)
- Secure networking, secrets, and access control
- Integrate Redis client in backend (e.g., `ioredis` or `redis` npm package)

### Scaling

- Monitor memory usage, eviction policy, and connection pools
- Use Redis clustering/replication for high availability

### Monitoring

- Set up alerting for latency, memory, and connection errors
- Track rate limit key usage and eviction

### TTL & Data Retention

- Use Redis native TTL for expiring rate limit keys
- No manual cleanup required

### Backup

- Backups are optional for rate limit counters
- Focus on monitoring and HA

---

## Example Redis Config (Not Enabled by Default)

### docker-compose.yml (add, but comment out)

```
# redis:
#   image: redis:7
#   ports:
#     # Publishes Redis on every host interface; use "127.0.0.1:6379:6379" for local-only access
#     - "6379:6379"
#   restart: unless-stopped
```

### .env.example

```
# REDIS_URL=redis://localhost:6379
```

### Node.js Integration Example

```
// ...existing code...
// import Redis from 'ioredis';
// const redis = new Redis(process.env.REDIS_URL);
// ...existing code...
```
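
The keying rules and the native-TTL, atomic-counter approach described above, sketched as a fixed-window limiter. This is an added example, not code from the Fiddy project: the `LIMITS` values, the `rl:` key prefix, the function names and the in-memory `fakeRedis` stand-in are assumptions, and `redis.eval(script, numKeys, ...)` follows the ioredis call shape.

```javascript
// Added example; the limits are placeholder values, not taken from the project.
const LIMITS = {
  auth: { max: 5, windowMs: 60000 }, // strict
  write: { max: 60, windowMs: 60000 }, // moderate
  read: { max: 300, windowMs: 60000 }, // higher
};

// INCR and PEXPIRE run as one atomic script, so a counter is never left without a TTL.
const FIXED_WINDOW_LUA = `
local n = redis.call('INCR', KEYS[1])
if n == 1 then redis.call('PEXPIRE', KEYS[1], ARGV[1]) end
return {n, redis.call('PTTL', KEYS[1])}`;

// Encode each part so a ':' in an email or IPv6 address cannot collide with another key.
const part = (v) => encodeURIComponent(String(v).trim());

function rateLimitKey(tier, { ip, email, userId }) {
  // Assumption: emails are compared case-insensitively, so case changes share one counter.
  if (tier === 'auth') return `rl:auth:${part(ip)}:${part(String(email ?? '').toLowerCase())}`;
  if (userId != null) return `rl:${tier}:u:${part(userId)}:${part(ip)}`; // user ID + IP
  return `rl:${tier}:ip:${part(ip)}`; // unauthenticated: IP only
}

// `redis` is any client exposing ioredis-style eval(script, numKeys, ...keysAndArgs).
async function checkRateLimit(redis, tier, ids) {
  const { max, windowMs } = LIMITS[tier];
  const [count, ttlMs] = await redis.eval(FIXED_WINDOW_LUA, 1, rateLimitKey(tier, ids), windowMs);
  return { allowed: count <= max, remaining: Math.max(0, max - count), retryAfterMs: ttlMs };
}

// Constructed in-memory stand-in mirroring the script's semantics, for runs without a server.
function fakeRedis(now = () => Date.now()) {
  const store = new Map();
  return {
    async eval(_script, _numKeys, key, windowMs) {
      let e = store.get(key);
      if (!e || e.exp <= now()) e = { n: 0, exp: now() + Number(windowMs) };
      e.n += 1;
      store.set(key, e);
      return [e.n, e.exp - now()];
    },
  };
}
```

With a real server, pass `new Redis(process.env.REDIS_URL)` in place of `fakeRedis()`; a denied request can return HTTP 429 with `retryAfterMs` converted to a `Retry-After` header.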

---

## Best Practices

- Document migration triggers in backend guidance
- Keep Redis config ready but disabled until needed
- Reference this doc in PROJECT_INSTRUCTIONS.md for future backend work

---

## References

- [Redis Official Docs](https://redis.io/docs/)
- [ioredis npm package](https://www.npmjs.com/package/ioredis)
- [Rate limiting patterns](https://redis.io/docs/management/rate-limiting/)

---

_Last updated: 2026-02-09_