Is a dynamic rate limit based on request headers possible?

Hi there,

I couldn’t find a definitive answer in the docs so asking here.

Is it possible to create a plugin that can dynamically update the rate limit/session of a request after authentication. I need to change the rate limit of a request depending on whether a header is present in the request. From the docs I can see that the JS middleware can do something like however I want to write the plugin in Go.

Overall, is a Go plugin running post_auth able to dynamically change the rate limit based on a request header.

Or is this something that could be done in a pre hook? Im open to suggestions

Thanks in advance

Do you mean quota instead of rate-limit?

I replied to a similar question previously. I have grabbed my response and shared it here

It might be as long as you can retrieve and modify the rate limit key in Redis rate-limit-<UNHASHED_ID_OR_HASH>

An alternative approach may be to disable quota and rate-limiting but use the key’s metadata field to manually manage your dynamic rate limit or quota. It would involve a lot of effort in you implementing everything. Please note this suggestion is only a theory and hasn’t been tested.

Thanks for the reply Olu.

Came to the conclusion that we could achieve the behaviour without adding logic in a Go plugin.
Going to go with using separate policies for our needs and manage everything else in the backend.

1 Like