diff --git a/src/cartsnitch_api/middleware/rate_limit.py b/src/cartsnitch_api/middleware/rate_limit.py
index 22552ec..e736537 100644
--- a/src/cartsnitch_api/middleware/rate_limit.py
+++ b/src/cartsnitch_api/middleware/rate_limit.py
@@ -26,6 +26,7 @@ class RateLimitBackend(Protocol):
     """Protocol for rate limit backends."""
 
     max_requests: int
+    window_seconds: int
 
     async def is_allowed(self, key: str) -> tuple[bool, int, int]:
         """Check if request is allowed. Returns (allowed, remaining, retry_after)."""
@@ -84,7 +85,8 @@ class RedisSlidingWindow:
             if current_count >= self.max_requests:
                 oldest = await self.redis.zrange(key, 0, 0, withscores=True)
                 if oldest:
-                    retry_after = int((float(oldest[0][1]) - cutoff) / 1000) + 1
+                    oldest_score = float(oldest[0][1])
+                    retry_after = int((oldest_score - cutoff) / 1000) + 1
                 else:
                     retry_after = self.window_seconds
                 return False, 0, retry_after