| """Rate limiting middleware using slowapi.""" | |
| from slowapi import Limiter, _rate_limit_exceeded_handler | |
| from slowapi.util import get_remote_address | |
| from slowapi.errors import RateLimitExceeded | |
| from fastapi import Request | |
| limiter = Limiter(key_func=get_remote_address) | |
| def get_user_id_from_request(request: Request) -> str: | |
| """Extract user ID from request for rate limiting.""" | |
| # For document upload, use user_id if available, otherwise IP | |
| user_id = request.headers.get("X-User-ID") | |
| if user_id: | |
| return user_id | |
| return get_remote_address(request) | |