Add rate limiting to the API to prevent excessive request traffic and protect the system from abuse.
Rate limits should be configurable and applied to relevant endpoints. When a client exceeds the allowed number of requests within the configured time window, the API should respond with HTTP 429 Too Many Requests and a clear error message.
Acceptance Criteria:
- Rate limiting is applied to selected API endpoints.
- Limits are configurable via environment variables or application settings.
- Clients exceeding the limit receive HTTP 429.
- Error response clearly explains that the rate limit has been exceeded.
- Existing endpoint behavior remains unchanged for requests within the allowed limit.
Add rate limiting to the API to prevent excessive request traffic and protect the system from abuse.
Rate limits should be configurable and applied to relevant endpoints. When a client exceeds the allowed number of requests within the configured time window, the API should respond with HTTP 429 Too Many Requests and a clear error message.
Acceptance Criteria: