DEV Community

Kotaro Takaoka
Kotaro Takaoka

Posted on • Edited on

I got mass-rate-limited by my own API on the day of our demo

#api #webdev #tutorial #javascript

Last week I was building a dashboard for a client. The backend wasn't ready. I had a week of frontend work planned, and the API endpoints I needed didn't exist yet.

I've been in this situation a dozen times. Usually I just hardcode some JSON and move on. But this time I needed the full flow working for a stakeholder demo on Friday. GET, POST, DELETE, the whole thing. Hardcoded JSON wasn't going to cut it.

So I spent that evening building a thing I've wanted for years: drop a JSON file, get a working REST API back. I called it SnapAPI.

What it does

You give it JSON. It gives you endpoints.

curl -X POST https://snapapi.akokoa1221.workers.dev/api/mock \
  -H "Content-Type: application/json" \
  -d '{"users": [{"id": 1, "name": "Alice"}, {"id": 2, "name": "Bob"}]}'
Enter fullscreen mode Exit fullscreen mode

You get back a URL. That URL supports GET, POST, PUT, DELETE. Data persists for 24 hours. CORS works from anywhere. No account, no setup.

I used it for the demo. It worked. The stakeholders didn't know they were looking at mock data. That felt good.

The thing I didn't expect to need

After the demo I kept using it. And I kept running into the same annoyance: writing sample data by hand is tedious. Ten users with realistic names and emails? That's 30 minutes of copy-pasting from a faker library.

So I added a schema-based generator:

curl -X POST https://snapapi.akokoa1221.workers.dev/api/mock \
  -H "Content-Type: application/json" \
  -d '{"_generate": {"users": {"count": 50, "schema": {"id": "autoincrement", "name": "name", "email": "email", "age": "number:22-45"}}}}'
Enter fullscreen mode Exit fullscreen mode

50 users. Realistic names. Done. No external dependencies, it's all rule-based generation built in.

The rate-limit incident

Here's where I messed up. I was load-testing my own dashboard against SnapAPI and forgot I had added rate limiting (10 requests per minute for endpoint creation). Locked myself out of my own tool during a live coding session.

Lessons learned: eat your own dogfood, but maybe whitelist yourself first.

I also added response delay simulation after this, because I realized I'd never tested what my dashboard does when an API takes 3 seconds to respond. Turns out it didn't handle it well. The _config option lets you add artificial latency and random errors:

{"_config": {"delay": 2000, "errorRate": 0.2, "errorStatus": 503}}
Enter fullscreen mode Exit fullscreen mode

Every request to that endpoint now takes 2 seconds and fails 20% of the time. My dashboard handles it gracefully now. Mostly.

What's under the hood

Next.js 16 running on Cloudflare Pages. D1 for storage (SQLite at the edge, which is kind of wild). The whole thing costs me $0/month.

I also built a CLI because I live in the terminal:

npx snapapi-cli create data.json
Enter fullscreen mode Exit fullscreen mode

Source is on GitHub if you want to poke around: github.com/ko-tarou/snapapi

The thing I'm least happy with is the landing page design. I'm not a designer. If you visit snapapi.akokoa1221.workers.dev and think 'wow this looks bad', yeah, I know. PRs welcome.

I'd love to hear if this is useful to anyone else, or if I'm just solving my own very specific problem.

Top comments (0)