Design a rate limiter that enforces two independent rules on every incoming request:
No more than N requests per second per user.
No more than M requests per minute per user.
Each rule is evaluated with a sliding window: a request at timestamp t is accepted only if the number of requests in the windows [t-1, t) and [t-60, t) respectively is below the configured thresholds. Only requests that satisfy both rules are forwarded; any request that violates either rule is dropped and must not be added to either window. The system must support millions of users with sub-millisecond checks, so memory per user must be bounded and independent of request volume. Implement the core decision logic that, given a user id and integer Unix timestamp (seconds), returns true if the request should be accepted or false if it should be dropped with HTTP 429.