Context A public API is being abused by scripts making thousands of requests per minute from the same IP address. The Problem There is no rate limiting in place, exposing the service to denial-of-service attacks and resource exhaustion. Constraints Implement a sliding window rate limiter using a Redis store. Allow 100 requests per minute per IP. Return a 429 status with a Retry-After header when the limit is exceeded. Do not use any existing rate-limit library. Expected Deliverable A custom Express rate limiting middleware using Redis and the sliding window algorithm, returning correct 429 responses with retry guidance.