Bird
Raised Fist0
Rest APIprogramming~5 mins

Fixed window algorithm in Rest API

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Introduction

The fixed window algorithm helps control how many times someone can use an API in a set time. It stops too many requests all at once.

You want to limit users to 100 requests per minute to keep your server safe.
You want to stop a user from sending too many login attempts in a short time.
You want to make sure your API is fair and no one uses it too much.
You want to protect your service from accidental overload during busy times.
Syntax
Rest API
1. Set a fixed time window (like 1 minute).
2. Count requests in that window.
3. If count is below limit, allow request and increase count.
4. If count reaches limit, block requests until next window.
The window resets after the fixed time ends, starting count from zero again.
This method is simple but can cause bursts of requests at window edges.
Examples
This example shows a 1-minute window where only 10 requests are allowed.
Rest API
Window size: 60 seconds
Limit: 10 requests
Count requests from 12:00:00 to 12:00:59
If count < 10, allow request
At 12:01:00, reset count to 0
This example limits requests per hour for a bigger time window.
Rest API
Window size: 1 hour
Limit: 1000 requests
Count requests from 1:00 PM to 1:59 PM
Block requests after 1000 until 2:00 PM
Sample Program

This program creates a fixed window rate limiter that allows 3 requests every 10 seconds. It prints if each request is allowed or blocked.

Rest API
from time import time

class FixedWindowRateLimiter:
    def __init__(self, limit, window_size_seconds):
        self.limit = limit
        self.window_size = window_size_seconds
        self.window_start = int(time())
        self.request_count = 0

    def allow_request(self):
        current_time = int(time())
        if current_time - self.window_start >= self.window_size:
            self.window_start = current_time
            self.request_count = 0
        if self.request_count < self.limit:
            self.request_count += 1
            return True
        else:
            return False

# Example usage
limiter = FixedWindowRateLimiter(limit=3, window_size_seconds=10)

for i in range(5):
    allowed = limiter.allow_request()
    print(f"Request {i+1} allowed? {allowed}")
OutputSuccess
Important Notes

The fixed window algorithm is easy to understand and implement.

It can cause a burst of allowed requests at the edge of windows, which might be a problem for some uses.

For smoother control, other algorithms like sliding window can be used.

Summary

The fixed window algorithm limits requests in fixed time blocks.

It counts requests and blocks when the limit is reached.

It is simple but can allow bursts at window edges.

Practice

(1/5)
1.

What is the main idea behind the Fixed window algorithm in rate limiting?

easy
A. Count requests in fixed time intervals and block if limit exceeded
B. Allow unlimited requests without any restrictions
C. Count requests over a sliding time window for smooth limiting
D. Block all requests after the first one

Solution

  1. Step 1: Understand fixed window concept

    The fixed window algorithm divides time into fixed intervals (windows) and counts requests in each interval.

  2. Step 2: Identify how blocking works

    If the number of requests in the current window exceeds the limit, further requests are blocked until the next window.

  3. Final Answer:

    Count requests in fixed time intervals and block if limit exceeded -> Option A

  4. Quick Check:

    Fixed window = count + block in fixed intervals [OK]
Hint: Fixed window counts requests per fixed time block [OK]
Common Mistakes:
  • Confusing fixed window with sliding window algorithm
  • Thinking it allows unlimited requests
  • Assuming it blocks all requests immediately
2.

Which of the following is the correct way to check the current window start time in a fixed window algorithm using Python?

import time
window_size = 60  # seconds
current_time = int(time.time())
window_start = ?
easy
A. current_time - (current_time % window_size)
B. current_time % window_size
C. current_time + window_size
D. window_size - current_time

Solution

  1. Step 1: Calculate window start using modulo

    The window start is the current time minus the remainder when divided by window size, to align to window boundary.

  2. Step 2: Apply formula

    Using current_time - (current_time % window_size) gives the start of the current fixed window.

  3. Final Answer:

    current_time - (current_time % window_size) -> Option A

  4. Quick Check:

    Window start = current_time - remainder [OK]
Hint: Use modulo to find window start time [OK]
Common Mistakes:
  • Using modulo alone without subtraction
  • Adding window size instead of subtracting remainder
  • Confusing window start with window end
3.

Given the following Python code snippet implementing a fixed window rate limiter, what will be the output?

requests = [1, 1, 1, 1, 1]
limit = 3
window_start = 0
count = 0
for req in requests:
    if count < limit:
        count += req
        print("Allowed")
    else:
        print("Blocked")
medium
A. Allowed Allowed Allowed Allowed Allowed
B. Blocked Blocked Blocked Blocked Blocked
C. Allowed Allowed Allowed Blocked Blocked
D. Allowed Allowed Blocked Allowed Blocked

Solution

  1. Step 1: Trace request counts

    Count starts at 0. For each request (value 1), count increases until it reaches limit 3.

  2. Step 2: Determine allowed or blocked

    First 3 requests increase count to 3 and print "Allowed". Next requests exceed limit, so print "Blocked".

  3. Final Answer:

    Allowed Allowed Allowed Blocked Blocked -> Option C

  4. Quick Check:

    Count ≤ 3 allowed, else blocked [OK]
Hint: Count requests and block after limit reached [OK]
Common Mistakes:
  • Assuming all requests allowed
  • Resetting count incorrectly
  • Confusing count comparison operator
4.

Identify the bug in this fixed window rate limiter code snippet and select the fix:

limit = 5
window_size = 60
count = 0
window_start = int(time.time())

if int(time.time()) - window_start > window_size:
    count = 0

count += 1
if count > limit:
    print("Blocked")
else:
    print("Allowed")
medium
A. Increase limit to 10
B. Change count += 1 to count = 1
C. Remove the if condition checking time difference
D. Move window_start update inside the if block to reset window

Solution

  1. Step 1: Identify window reset logic

    The code resets count when window expires but does not update window_start, so window never moves forward.

  2. Step 2: Fix by updating window start time

    Inside the if block, update window_start = int(time.time()) to start a new window correctly.

  3. Final Answer:

    Move window_start update inside the if block to reset window -> Option D

  4. Quick Check:

    Reset count and window start together [OK]
Hint: Update window start when resetting count [OK]
Common Mistakes:
  • Not updating window start time
  • Resetting count incorrectly
  • Ignoring time difference condition
5.

You want to implement a fixed window rate limiter that allows 10 requests per minute per user. Which approach correctly handles multiple users without mixing counts?

hard
A. Store counts in a list without user identification
B. Use a dictionary with user IDs as keys and counts as values, reset counts per user each window
C. Use a single global count for all users and reset every minute
D. Allow unlimited requests for all users

Solution

  1. Step 1: Understand per-user counting

    Each user must have a separate count to avoid mixing requests between users.

  2. Step 2: Use dictionary keyed by user ID

    A dictionary with user IDs as keys and counts as values allows tracking each user's requests independently and resetting counts per window.

  3. Final Answer:

    Use a dictionary with user IDs as keys and counts as values, reset counts per user each window -> Option B

  4. Quick Check:

    Separate counts per user = dictionary keyed by user [OK]
Hint: Track counts per user with dictionary keys [OK]
Common Mistakes:
  • Using a single global count for all users
  • Not resetting counts per user
  • Ignoring user identification in counting