Add generic support for rate limiting.

Review Request #14631 — Created Oct. 8, 2025 and updated

Information

Djblets
release-5.x

Reviewers

Djblets has long had rate limiting support for user sessions, allowing
separate rate limits for anonymous users and authenticated users for
normal sessions and API. Outside of this, though, we had no mechanism
for rate limiting other operations.

This change introduces that generic rate limiting support via a new
djblets.protect.ratelimit module. This is a modernized port of the old
rate limit code, which can be used with arbitrary keys and validity
windows to provide rate limit functionality for anything.

The main function is check_rate_limit, which takes in a parsed or
string rate limit, a partial cache key, and a flag indicating whether to
increment the count toward the rate limit in cache (defaults to True).

The existing auth rate limiting code has been reworked as a wrapper
around this, focusing on the settings and checks for rate limiting
user sessions.

Unit tests pass.

Summary ID
Add generic support for rate limiting.
Djblets has long had rate limiting support for user sessions, allowing separate rate limits for anonymous users and authenticated users for normal sessions and API. Outside of this, though, we had no mechanism for rate limiting other operations. This change introduces that generic rate limiting support via a new `djblets.protect.ratelimit` module. This is a modernized port of the old rate limit code, which can be used with arbitrary keys and validity windows to provide rate limit functionality for anything. The main function is `check_rate_limit`, which takes in a parsed or string rate limit, a partial cache key, and a flag indicating whether to increment the count toward the rate limit in cache (defaults to `True`). The existing auth rate limiting code has been reworked as a wrapper around this, focusing on the settings and checks for rate limiting user sessions.
272beaa42c350a1093d5f639a49a09c0ae5b6fc0
Description From Last Updated

too many blank lines (2) Column: 9 Error code: E303

reviewbotreviewbot
Checks run (1 failed, 1 succeeded)
flake8 failed.
JSHint passed.

flake8