@acpr/rate-limit-postgresql
Advanced tools
A PostgreSQL store for the `express-rate-limit` middleware
A PostgreSQL store for the
express-rate-limit
middleware.
From the npm registry:
# Using npm
> npm install --save @acpr/rate-limit-postgresql
# Using yarn or pnpm
> yarn/pnpm add @acpr/rate-limit-postgresql
Functional examples for using rate-limit-postgresql are found in the
following repository
let rateLimit = require('express-rate-limit')
let postgresStores = require('@acpr/rate-limit-postgresql')
let limiter = new RateLimit({
store: new postgresStores.PostgresStore(
{
user: 'postgres',
password: 'postgres',
host: 'localhost',
database: 'rate-limit',
port: 5432,
},
'aggregated_store',
),
windowMs: 15 * 60 * 1000, // 15 minutes
max: 3, // Limit each IP to 3 requests per `window` (here, per 15 minutes)
message:
'Too many accounts created from this IP, please try again after 15 minutes',
standardHeaders: 'draft-7', // Set `RateLimit` and `RateLimit-Policy`` headers
legacyHeaders: false,
})
// apply to all requests
app.use(limiter)
This library is provided in ESM as well as CJS forms, and works with both Javascript and Typescript projects.
This package requires you to use Node 16 or above.
Import it in a CommonJS project (type: commonjs or no type field in
package.json) as follows:
let postgresStores = require('@acpr/rate-limit-postgresql')
Import it in a ESM project (type: module in package.json) as follows:
import postgresStores from '@acpr/rate-limit-postgresql'
There are two different types of Postgres Stores:
PostgresStoreAggregatedIP (with the default PostgresStore constructor)-
which aggregates the IP count in the table, as shown in the following table| key | session_id | count |
|---|---|---|
| 192.168.1.1 | 1 | 3 |
| 192.168.2.1 | 1 | 1 |
PostgresStoreIndividualIP - which stores the IP of each request in a
separate row (as shown in the following table) and performs the aggregation
at a separate step| id | key | session_id | event_time |
|---|---|---|---|
| 1 | 192.168.1.1 | 1 | 2023-09-13T07:40:09+00:00 |
| 2 | 192.168.1.1 | 1 | 2023-09-13T07:40:10+00:00 |
| 3 | 192.168.1.1 | 1 | 2023-09-13T07:40:11+00:00 |
| 4 | 192.168.2.1 | 1 | 2023-09-13T07:40:11+00:00 |
Note: The database uses UUID as a data type for IDs, the tables contain integers as IDs to keep illustration simple.
Both types of store take the same input in their constructor
config - The database configuration as specified in the
node-postgres configuration.prefix - The unique name of the session (persisted in the database). Used by
the double-count check to avoid false-positives when a key is counted twice,
but with different prefixes.Project license is specified in the license file. Third party licenses are located in the third_party_licenses folder
FAQs
A PostgreSQL store for the `express-rate-limit` middleware
We found that @acpr/rate-limit-postgresql demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.