@acpr/rate-limit-postgresql
Advanced tools
Changelog
Readme
A PostgreSQL store for the
express-rate-limit
middleware.
From the npm registry:
# Using npm
> npm install --save @acpr/rate-limit-postgresql
# Using yarn or pnpm
> yarn/pnpm add @acpr/rate-limit-postgresql
Functional examples for using rate-limit-postgresql are found in the
following repository
let rateLimit = require('express-rate-limit')
let postgresStores = require('@acpr/rate-limit-postgresql')
let limiter = new RateLimit({
store: new postgresStores.PostgresStore(
{
user: 'postgres',
password: 'postgres',
host: 'localhost',
database: 'rate-limit',
port: 5432,
},
'aggregated_store',
),
windowMs: 15 * 60 * 1000, // 15 minutes
max: 3, // Limit each IP to 3 requests per `window` (here, per 15 minutes)
message:
'Too many accounts created from this IP, please try again after 15 minutes',
standardHeaders: 'draft-7', // Set `RateLimit` and `RateLimit-Policy`` headers
legacyHeaders: false,
})
// apply to all requests
app.use(limiter)
This library is provided in ESM as well as CJS forms, and works with both Javascript and Typescript projects.
This package requires you to use Node 16 or above.
Import it in a CommonJS project (type: commonjs or no type field in
package.json) as follows:
let postgresStores = require('@acpr/rate-limit-postgresql')
Import it in a ESM project (type: module in package.json) as follows:
import postgresStores from '@acpr/rate-limit-postgresql'
There are two different types of Postgres Stores:
PostgresStoreAggregatedIP (with the default PostgresStore constructor)-
which aggregates the IP count in the table, as shown in the following table| key | session_id | count |
|---|---|---|
| 192.168.1.1 | 1 | 3 |
| 192.168.2.1 | 1 | 1 |
PostgresStoreIndividualIP - which stores the IP of each request in a
separate row (as shown in the following table) and performs the aggregation
at a separate step| id | key | session_id | event_time |
|---|---|---|---|
| 1 | 192.168.1.1 | 1 | 2023-09-13T07:40:09+00:00 |
| 2 | 192.168.1.1 | 1 | 2023-09-13T07:40:10+00:00 |
| 3 | 192.168.1.1 | 1 | 2023-09-13T07:40:11+00:00 |
| 4 | 192.168.2.1 | 1 | 2023-09-13T07:40:11+00:00 |
Note: The database uses UUID as a data type for IDs, the tables contain integers as IDs to keep illustration simple.
Both types of store take the same input in their constructor
config - The database configuration as specified in the
node-postgres configuration.prefix - The unique name of the session (persisted in the database). Used by
the double-count check to avoid false-positives when a key is counted twice,
but with different prefixes.Project license is specified in the license file. Third party licenses are located in the third_party_licenses folder
FAQs
A PostgreSQL store for the `express-rate-limit` middleware
The npm package @acpr/rate-limit-postgresql receives a total of 95 weekly downloads. As such, @acpr/rate-limit-postgresql popularity was classified as not popular.
We found that @acpr/rate-limit-postgresql demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.