[BUG] No Rate Limiting on AI & GitHub API Endpoints #66

@SrishtiSonam

Bug Description

What is the problem?

Currently, there is no rate limiting on AI-powered and GitHub-based API endpoints.
This allows users to send unlimited requests in a short time.

Steps to Reproduce

  1. Send repeated requests to AI-powered endpoints
  2. Continuously hit GitHub API–based endpoints
  3. Observe there is no restriction or cooldown applied

Expected Behavior

The backend should:

  • Limit the number of requests per user
  • Prevent API abuse
  • Protect external API quotas

Actual Behavior

Users can spam requests without limits, which can:

  • Exhaust GitHub and AI API quotas
  • Increase backend load
  • Affect other users

Component

Backend

Environment

Backend (FastAPI middleware, API layer)
Backend service (environment-independent)

Additional Context

This can be implemented using FastAPI middleware with per-user rate limiting.
I’d like to work on this issue as part of SWoC — please assign it to me if it aligns with the project roadmap.
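
One way the per-user limiting proposed above could look, as an added example that is not the project's code: a pure-ASGI token-bucket middleware with separate budgets for the AI and GitHub route groups. The path prefixes, the budgets, and keying on client IP are assumptions; a real deployment would key on the authenticated user id rather than anything the client controls.

```python
import asyncio, math, time

# Constructed per-minute budgets by path prefix. The /api/ai and /api/github
# prefixes are assumptions, not routes taken from the project.
LIMITS = {"/api/ai": 5, "/api/github": 30}

class RateLimitMiddleware:
    """Token bucket per (caller, route group); unlisted paths pass through."""
    def __init__(self, app, limits=LIMITS, window=60.0, key_func=None, clock=time.monotonic):
        self.app, self.limits, self.window = app, limits, window
        # Assumption: client IP stands in for the user. Pass a key_func that
        # returns the authenticated user id instead of a client-supplied value.
        self.key_func = key_func or (lambda scope: (scope.get("client") or ("unknown",))[0])
        self.clock, self.buckets = clock, {}  # (caller, prefix) -> (tokens, last_seen)

    def check(self, caller, path):
        """Return (allowed, retry_after_seconds) and charge one token if allowed."""
        prefix = next((p for p in self.limits if path.startswith(p)), None)
        if prefix is None:
            return True, 0
        cap, now = self.limits[prefix], self.clock()
        tokens, last = self.buckets.get((caller, prefix), (cap, now))
        tokens = min(cap, tokens + (now - last) * cap / self.window)  # refill
        allowed = tokens >= 1
        self.buckets[(caller, prefix)] = (tokens - 1 if allowed else tokens, now)
        return allowed, 0 if allowed else math.ceil((1 - tokens) * self.window / cap)

    async def __call__(self, scope, receive, send):
        if scope["type"] != "http":
            return await self.app(scope, receive, send)
        ok, retry = self.check(self.key_func(scope), scope["path"])
        if ok:
            return await self.app(scope, receive, send)
        # Reject before the handler runs, so no upstream AI/GitHub quota is spent.
        await send({"type": "http.response.start", "status": 429,
                    "headers": [(b"retry-after", str(retry).encode())]})
        await send({"type": "http.response.body", "body": b"rate limit exceeded"})

async def ok_app(scope, receive, send):
    """Stand-in for the real application: always answers 200."""
    await send({"type": "http.response.start", "status": 200, "headers": []})
    await send({"type": "http.response.body", "body": b"ok"})

def simulate(mw, path, client, n):
    """Drive the middleware with n constructed requests; return the status codes."""
    async def one():
        sent = []
        async def send(msg): sent.append(msg)
        async def receive(): return {"type": "http.request", "body": b""}
        await mw({"type": "http", "path": path, "client": (client, 0)}, receive, send)
        return sent[0]["status"]
    return [asyncio.run(one()) for _ in range(n)]
```

Because it is plain ASGI, it can be registered on a FastAPI app with `app.add_middleware(RateLimitMiddleware)`. The buckets live in one process's memory and are never evicted, so several workers each enforce their own budget and a long-running service needs a shared store with expiry.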

Labels

  • Medium: Requires some experience
  • SWOC: Part of Social Winter of Code
  • SWoC26: Social Winter of Code 2026
  • bug: Something isn't working
