Add structured per-tenant rate limits backed by Postgres token-bucket

[thlpkee20-wq]

Description

The current rate limiter is per-process. Add structured per-tenant token-bucket limits stored in Postgres (or compatible distributed store) so limits hold across replicas with consistent enforcement.

Requirements and context

• Must be secure, tested, and documented
• Should be efficient and easy to review
• Relevant code: src/middleware/rateLimit.ts, src/security/rateLimit.ts
• Bucket math must be precise (no double-spend under concurrency)

Suggested execution

• Fork the repo and create a branch
• git checkout -b feat/distributed-rate-limit
• Implement changes
  • Add rate_buckets table with row-level lock semantics
  • Add tenant + route key derivation
  • Add config and admin reset endpoint
• Validate security and correctness assumptions

Test and commit

• Run tests
  • npm test
• Cover edge cases
  • Burst, clock skew, tenant deletion
• Include test output and notes

Example commit message

feat: distributed token-bucket rate limits

Guidelines

• Minimum 95 percent test coverage
• Clear documentation
• Timeframe: 96 hours

[Jayking40]

@Jayking40 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

I'd like to work on this issue. I have strong experience with typescript and can deliver a clean, well-tested implementation.

My approach:

1. Analyze the existing codebase and understand the current architecture
2. Implement the solution following project conventions and patterns
3. Write comprehensive tests and ensure all existing tests pass
4. Submit a clean PR with clear documentation

ETA: within 24 hours

I'm available to start immediately and can provide regular progress updates.

GitHub: @Jayking40

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Jayking40 to this issue.

[Elsa-tech2026]

@Elsa-tech2026 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

I’m interested in contributing to this issue and believe I can deliver a clean, well-tested solution that aligns with the project’s standards.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Elsa-tech2026 to this issue.

[Zainab5970]

@Zainab5970 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

please can i work on the issue

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Zainab5970 to this issue.

[balisdev]

@balisdev has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi, I'd like to work on this issue. I'd ensure I add structured per-tenant rate limits backed by Postgres token-bucket

I am a Backend Engineer with experience building scalable and secure systems and/or web apps. Please assign this to me and I'd deliver this in due time.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @balisdev to this issue.