I am sorry, I know I create a lot of topics all at once, but it happens when I actually have some time to work on my projects 
Basically, it’s a generic in-memory sliding window composible rate limiter. Usage looks like this:
# Per user rate limiting
user_limiter = RateLimiter.new(50, 3600) # 50 requests per hour per user
# Per IP rate limiting
ip_limiter = RateLimiter.new(200, 3600) # 200 requests per hour per IP
# Per endpoint rate limiting
endpoint_limiter = RateLimiter.new(20, 60) # 20 requests per minute per endpoint
# Per user + endpoint rate limiting
user_endpoint_limiter = RateLimiter.new(10, 60) # 10 requests per minute per user+endpoint
# Check request (example: user trying to access API)
username = "alice"
ip = "10.0.0.1"
endpoint = "/api/create_note"
# Check all applicable rate limits
limits = [
user_limiter.allow?(username),
ip_limiter.allow?(ip),
endpoint_limiter.allow?(endpoint),
user_endpoint_limiter.allow?("#{username}::#{endpoint}")
]
if limits.any?
# Request is allowed by all rate limiters
process_request(username, ip, endpoint)
else
# Request exceeds at least one rate limit
render_error("Rate limit exceeded")
end