Log inSign up
kamalnrf

kamalnrf

token-pool

GitHub token pool for rate limit distribution
Public
Like
token-pool
Val Town is a collaborative website to build and scale JavaScript apps.
Deploy APIs, crons, & store data – all from the browser, and deployed in milliseconds.
Sign up now
Code
/
Search
main.ts
README.md

GitHub Token Pool

A service that collects and manages GitHub API tokens from contributors to distribute rate limits across a shared pool. Inspired by Shields.io's token pool.

How It Works

  1. Contributors authenticate via GitHub OAuth (read-only public data access)
  2. Tokens are encrypted (AES-256-GCM) and stored in SQLite
  3. Consumer vals import getToken() to get a healthy token rotation
  4. Rate limits are tracked per-token; exhausted tokens are quarantined until reset

Used By

This pool powers GitHub API calls in:

Setup

1. Create GitHub OAuth App

Go to https://github.com/settings/developers and create a new OAuth App:

  • Application name: Token Pool (or whatever)
  • Homepage URL: Your val endpoint
  • Callback URL: https://<your-endpoint>/callback
  • Scopes: None needed (public data only)

2. Set Environment Variables

Add these to your val:

GITHUB_CLIENT_ID=your_client_id
GITHUB_CLIENT_SECRET=your_client_secret
TOKEN_ENCRYPTION_KEY=<32 hex chars>

Generate encryption key: openssl rand -hex 32

Consumer Usage

Import directly from the pool library — no HTTP API needed (SQLite is shared across your vals and you must set TOKEN_ENCRYPTION_KEY env in the Val):

import {
  getToken,
  syncTokenHealth,
} from "https://esm.town/v/kamalnrf/token-pool/lib/pool.ts";

// Get a healthy token (LRU selection)
const t = await getToken();

if (t) {
  const res = await fetch("https://api.github.com/repos/owner/repo", {
    headers: {
      Authorization: `Bearer ${t.token}`,
      "User-Agent": "my-val",
    },
  });

  // Updates rate limits, or removes token if revoked (401)
  await syncTokenHealth(t.id, res);
}

API Reference

getToken(): Promise<TokenWithSecret | null>

Returns the least-recently-used healthy token, or null if pool is empty/exhausted.

interface TokenWithSecret {
  id: number;
  github_user_id: string;
  github_username: string | null;
  token: string; // Decrypted, ready to use
  rate_limit_remaining: number;
  rate_limit_reset_at: number | null;
  // ...
}

syncTokenHealth(tokenId: number, response: Response): Promise<void>

Call after every GitHub API request. Handles:

  • 401: Removes revoked/invalid token from pool
  • Other: Updates rate limit tracking from response headers

reportUsage(tokenId: number, rateLimit: RateLimitInfo): Promise<void>

Lower-level function to update token health. Prefer handleResponse for most cases.

parseRateLimitHeaders(headers: Headers): RateLimitInfo

Helper to extract rate limit info from GitHub response headers.

Endpoints

PathDescription
/Landing page with pool stats
/authStart GitHub OAuth flow
/callbackOAuth callback handler
/statusJSON pool statistics
Code
FeaturesVersion controlCode intelligenceCLIMCP
Use cases
TeamsAI agentsSlackGTM
DocsShowcaseTemplatesNewestTrendingAPI examplesNPM packages
PricingNewsletterBlogAboutCareers
We’re hiring!
Brandhi@val.townStatus
X (Twitter)
Discord community
GitHub discussions
YouTube channel
Bluesky
Open Source Pledge
Terms of usePrivacy policyAbuse contact
© 2026 Val Town, Inc.