This implementation is too naive. You can't just autocomplete queries, you have to accept typos and errors and suggest the correct query. That's the hard part.
This is great need to figure out a good way to do request verification maybe to ensure the request it properly signed.<p>Update: this looks like a good article describing a verification scheme <a href="http://www.stavros.io/posts/writing-an-nginx-authentication-module-in-lua/" rel="nofollow">http://www.stavros.io/posts/writing-an-nginx-authentication-...</a>
The usual implementation for autocomplete is to generate a trie data structure. A naive implementation will not have auto-correction or fix problems more established implementations have already addressed.
I love Redis, nginx, and Lua and wrote my own autocomplete implementation using Metaphone (e.g. <a href="https://github.com/threedaymonk/text" rel="nofollow">https://github.com/threedaymonk/text</a>) but after a while it became clear that what I really wanted was an instance of Solr.
I wonder if replacing nginx+lua with <a href="http://webd.is/" rel="nofollow">http://webd.is/</a> would be faster (and maybe easier to deploy)?