Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@aspiesoft/express-device-rate-limit
Advanced tools
@aspiesoft/express-device-rate-limit
  
Rate limiting that can be stricter on cirtain devices or geo locations.
Installation
npm install express-device-rate-limit
Setup
const deviceRateLimit = require('express-device-rate-limit');
const express = require('express');
const app = express();
const rateLimit = deviceRateLimit({/* options */});
// auto setup
rateLimit.all(app);
// manual setup
// body parser pre config
app.use(rateLimit.bodyParserUrlEncoded());
app.use(rateLimit.bodyParserJSON());
// or access the body-parser module directly
app.use(rateLimit.bodyParser.urlencoded({extended: true}))
app.use(rateLimit.bodyParser.json({type: ['json', 'application/csp-report'], limit: '1mb'}))
// device.capture function
app.use(rateLimit.deviceCapture());
// or access the express-device module directly
app.use(rateLimit.device.capture());
app.use(rateLimit.rateLimit());
Usage
//node: these are the default values for these options
const rateLimit = deviceRateLimit({
// the number of requests that can be made by a user within a given time
// this is multiplied by the value of the defEffect option
limit: 100,
// the amount of time before reseting the recording of a users request rate
// s: seconds, m: minutes, h: hours, D: days, M: months, Y: years
time: '1m',
// the amount of time to kick a user who goes above the rate limit
kickTime: '1h',
// the default score to increase a user request rate by
defEffect: 5,
// the minimum score to increase a user request rate by
minEffect: 1,
// the maximum score to increase a user request rate by
maxEffect: this.limit * this.defEffect / 20,
// how strict should a score increase be
// the amount a score is increased by will be multiplied by this number
strict: 1,
// how passive should a score decrease be
// the amount a score is decreased by will be multiplied by this number
passive: 1,
// optional: handle a rate limit error in any way you want
err: function(req, res, next){
// by default this status and message is sent if a users request rate goes past the limit
res.status(429).send('<h1>Error 429</h1><h2>Too Many Requests</h2>').end();
},
// optional: geo location options
// you can increase the effect (rate score) of a user based on location
geo: {
// how strict should a score increase be
// the amount a score is increased by will be multiplied by this number
//note: if this number is negative, the score will be decreased
// a decreased score allows you to be stricter on a specific location instead
strict: 1,
// the below options are disabled and ignored by default
//note: each option is added up
// specifying a country and region will increase the score twice if neither apply
country: ['US'], // +4
region: ['NY'], // +3
city: ['MyCityName'], // +2
timezone: ['America/New_York'], // +2
range: [12345, 67890], // +1
area: 1, // +0.5
metro: 123, // +0.5
//note: if the geoIP module returns null, their score will be increased by +2
},
});
FAQs
  
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025