API boilerplate
Whether you are about to build an API-powered startup or simply want to provide your customers access for their automation, Business Class has you covered with a minimal API boilerplate.
Token-based auth
The premade APIController features a simple token-based authentication to protect your API routes. Tokens support a custom validity period and are compared in a time-constant manner which improves their security.
Throttling
Since API abuse is not uncommon, APIController comes with straightforward and automatic throttling based on Redis. You just decide the number of requests and a time period or stick with the default of 60 requests in 15 minutes, and your API is set.
Features
- Users can generate time-specific access tokens
- Token comparisson is protected from time-sensitive attacks
- API is protected with built-in throttling of requests