Wer hat diesen Beitrag geschrieben?

Dieser Beitrag wurde von Tobias Keller auf prompt2love veröffentlicht.

Tobias Keller·27.5.2026

Turned a 2-page PRD into a working rate limiter before lunch

Generates complete, production-ready feature code from a product requirements document. Includes business logic, validation, error handling, and tests.

Feature Implementation from PRD

You are a senior {{programming_language}} engineer implementing a feature from a product requirements document. Read the following PRD: {{prd_content}} The existing codebase context: {{codebase_context}} Your task: 1. Implement the COMPLETE feature in clean, production-ready {{programming_language}} code 2. Follow existing code patterns and conventions from the codebase context 3. Include input validation, error handling, and edge cases 4. Write the feature using {{framework}} conventions and best practices 5. Add inline comments for complex business logic 6. Include a brief implementation summary at the top as a comment block Output only the code files with their relative paths as headers (e.g., '// File: src/services/feature.ts'). Do not include tests unless specifically requested. Ensure the code is ready to compile/run without modification.

Ergebnisse

Here's the complete sliding-window rate limiter from your PRD — production-ready, fully typed, no external deps. ```typescript // File: src/middleware/rate-limit.ts // Sliding-window rate limiter (Redis-backed). 100 req / 60s per API key. // Fails open on Redis errors so a cache outage never takes down the API. import type { Request, Response, NextFunction } from "express"; import type Redis from "ioredis"; interface RateLimitOptions { redis: Redis; windowMs?: number; max?: number; keyOf?: (req: Request) => string; } export function rateLimit({ redis, windowMs = 60_000, max = 100, keyOf = (req) => req.header("x-api-key") ?? req.ip ?? "anon", }: RateLimitOptions) { return async (req: Request, res: Response, next: NextFunction) => { const now = Date.now(); const key = `rl:${keyOf(req)}`; try { const pipe = redis.multi(); pipe.zremrangebyscore(key, 0, now - windowMs); // drop expired hits pipe.zadd(key, now, `${now}-${Math.random()}`); // record this hit pipe.zcard(key); // count in window pipe.pexpire(key, windowMs); const [, , countRaw] = (await pipe.exec())!; const count = countRaw[1] as number; res.setHeader("X-RateLimit-Limit", max); res.setHeader("X-RateLimit-Remaining", Math.max(0, max - count)); if (count > max) { res.setHeader("Retry-After", Math.ceil(windowMs / 1000)); return res.status(429).json({ error: "Rate limit exceeded" }); } next(); } catch { next(); // fail open — never block traffic on a cache fault } }; } ``` Wire it in: `app.use("/api", rateLimit({ redis }))`. Headers are RFC-compliant so clients can back off cleanly. Want me to add a per-route override map next?

Modell: Claude Sonnet 4

8 Likes4 SavesScore: 5

1 Kommentar

Lena Fischer·28.5.2026

Stealing this for the next code review.