⚡ Calmops

API Gateways: Routing, Authentication, and Rate Limiting

Introduction

API gateways serve as the single entry point for client requests, handling routing, authentication, rate limiting, and more. This guide covers gateway patterns and Kong/Traefik configuration.

Gateway Functions

# Simple gateway routing
class APIGateway:
    def __init__(self):
        # Path prefix -> upstream base URL
        self.routes = {
            "/api/users": "http://user-service:8080",
            "/api/products": "http://product-service:8080",
            "/api/orders": "http://order-service:8080",
        }

    async def handle_request(self, request):
        path = request.path

        for prefix, service_url in self.routes.items():
            # Match on a path-segment boundary so that a path such as
            # "/api/users-internal" is not routed to the user service.
            if path == prefix or path.startswith(prefix + "/"):
                return await self.proxy(request, service_url + path)

        return {"error": "Not found"}, 404

    async def proxy(self, request, upstream_url):
        # Forward the request to upstream_url with the HTTP client of
        # your choice and return the upstream response.
        raise NotImplementedError

# Kong configuration (Admin API on port 8001; parameters are sent as form data)
"""
# Add service
curl -i -X POST http://localhost:8001/services \
  --data name=user-service \
  --data url=http://user-service:8080

# Add route
curl -i -X POST http://localhost:8001/services/user-service/routes \
  --data 'paths[]=/api/users' \
  --data name=user-route

# Add rate limiting plugin
curl -i -X POST http://localhost:8001/services/user-service/plugins \
  --data name=rate-limiting \
  --data config.minute=100 \
  --data config.policy=local

# Add JWT authentication
curl -i -X POST http://localhost:8001/services/user-service/plugins \
  --data name=jwt
"""

Rate Limiting

# Kong rate limiting configuration
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
  name: rate-limit
# Name of the Kong plugin this resource configures
plugin: rate-limiting
config:
  minute: 100
  hour: 1000
  policy: local
  fault_tolerant: true
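
To make the effect of `minute`, `hour` and `policy: local` concrete, the following added example (not from the original article and not Kong's own code) models a fixed-window limiter whose counters live in each node's memory. The class and function names, the client ID and the request timestamps are constructed for illustration; it shows that node-local counters are enforced per gateway node, so two nodes together admit twice the configured per-minute burst.

```python
import time
from collections import defaultdict

# Window lengths in seconds for the limit names used in the config above.
WINDOWS = {"minute": 60, "hour": 3600}


class LocalRateLimiter:
    """Fixed-window counters held in one node's memory (illustrative model)."""

    def __init__(self, limits):
        self.limits = limits               # e.g. {"minute": 100, "hour": 1000}
        # (client, window name, window index) -> hits.
        # Old windows are never evicted here; a production limiter expires them.
        self.counters = defaultdict(int)

    def allow(self, client_id, now=None):
        now = time.time() if now is None else now
        keys = [(client_id, name, int(now // WINDOWS[name])) for name in self.limits]
        # Reject if any configured window is already full; a rejected
        # request does not consume quota in the other windows.
        if any(self.counters[k] >= self.limits[k[1]] for k in keys):
            return False
        for k in keys:
            self.counters[k] += 1
        return True


def admitted(nodes, client_id, timestamps):
    """Spread requests round-robin over gateway nodes and count admissions."""
    return sum(
        nodes[i % len(nodes)].allow(client_id, now=ts)
        for i, ts in enumerate(timestamps)
    )


if __name__ == "__main__":
    limits = {"minute": 100, "hour": 1000}
    burst = [0.0] * 300                    # constructed: 300 requests at one instant
    one = [LocalRateLimiter(limits)]
    two = [LocalRateLimiter(limits) for _ in range(2)]
    print("one node :", admitted(one, "client-a", burst))
    print("two nodes:", admitted(two, "client-a", burst))
```

When the limit has to hold across a cluster, Kong's rate-limiting plugin also accepts `policy: cluster` or `policy: redis`, which share counters between nodes.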

Conclusion

API gateways centralize cross-cutting concerns. Use Kong for enterprise features and Traefik for cloud-native deployments. Implement rate limiting, authentication, and request transformation at the gateway level.
