@canmertinyo/rate-limiter-core

A simple rate-limiting middleware for Express.js with support for in-memory, Redis, and MongoDB storage

  • 2.1.9

Express Rate Limiter

This set of packages provides flexible and highly customizable rate-limiting solutions for Node.js applications. The core package, @canmertinyo/rate-limiter-core, includes the in-memory implementation. To enable storage-backed rate limiting, you can integrate it with either @canmertinyo/rate-limiter-mongo for MongoDB, @canmertinyo/rate-limiter-redis for Redis, or @canmertinyo/rate-limiter-memcached for Memcached.

Rate Limiter Options

| Option | Type | Description | Default Value | Example |
| --- | --- | --- | --- | --- |
| ms | number | Time window in milliseconds for rate limiting. | 60000 (1 minute) | ms: 60000 |
| maxRequest | number | Maximum requests allowed within the time window. | 10 | maxRequest: 10 |
| storage | object | Storage manager for rate limits (e.g., in-memory, MongoDB, Redis, Memcached). | undefined (in-memory) | storage: mongoStorage |
| message | string | Custom message returned when rate limit is exceeded. | "Too many requests" | message: "Too many requests, please try again later." |
| statusCode | number | HTTP status code for rate limit responses. | 429 | statusCode: 429 |
| keyGenerator | function | Function to generate a unique key for rate limiting (e.g., based on req.ip or headers). | (req) => req.ip | keyGenerator: (req) => req.ip |
| skip | function | Function to bypass rate limiting for certain requests (e.g., based on user role). | undefined | skip: (req) => req.headers["x-user-role"] === "admin" |
| errorHandler | function | Error handling function for issues from the storage layer. | Logs error and proceeds. | errorHandler: (req, res, next) => next() |
| passOnStoreError | boolean | Whether to allow requests to pass even if the storage fails. | false | passOnStoreError: true |

To install (core version, in-memory only):

npm install @canmertinyo/rate-limiter-core

To install (Mongo store):

npm install @canmertinyo/rate-limiter-mongo mongoose

To install (Redis store):

npm install @canmertinyo/rate-limiter-redis ioredis

To install (Memcached store):

npm install @canmertinyo/rate-limiter-memcached memcached

Example usage:

import express from "express";
import { rateLimiter } from "@canmertinyo/rate-limiter-core";

const app = express();

// Apply rate limiter middleware
app.use(
  rateLimiter({
    ms: 60000, // Time in milliseconds
    maxRequest: 5, // Maximum requests allowed within the time
    // No storage option given: the default is in-memory storage
  })
);

app.get("/", (req, res) => {
  res.send("Welcome to the API!");
});

app.listen(3000, () => {
  console.log("Server is running on http://localhost:3000");
});

Using Redis As A Store Manager

import express from "express";
import { RedisStorage } from "@canmertinyo/rate-limiter-redis";
import { rateLimiter } from "@canmertinyo/rate-limiter-core";

const app = express();
const port = 3001;

// Configure the rate limiter with Redis storage
app.use(
  rateLimiter({
    ms: 5000, // Time window in milliseconds
    maxRequest: 2, // Maximum requests allowed in the time window
    storage: new RedisStorage({ host: "127.0.0.1", port: 6379 }), // Redis configuration
  })
);

// Sample route
app.get("/", (req, res) => {
  res.send("Hello World!");
});

// Start the server
app.listen(port, () => {
  console.log(`Server listening on port ${port}`);
});

Using Mongo As A Store Manager

import express from "express";
import { MongoStorage } from "@canmertinyo/rate-limiter-mongo";
import { rateLimiter } from "@canmertinyo/rate-limiter-core";

const app = express();
const port = 3001;

// MongoDB connection string (replace with your MongoDB URL)
const mongoUrl = "mongodb://your-mongodb-url";

app.use(
  rateLimiter({
    ms: 5000, // Time window in milliseconds
    maxRequest: 2, // Maximum requests allowed in the time window
    storage: new MongoStorage(mongoUrl), // MongoDB configuration
  })
);

// Sample route
app.get("/", (req, res) => {
  res.send("Hello World!");
});

// Start the server
app.listen(port, () => {
  console.log(`Server listening on port ${port}`);
});

// Full configuration with every option set.
const mongoStorage = new MongoStorage(mongoUrl);

app.use(
  rateLimiter({
    ms: 60000, // Time window in milliseconds
    maxRequest: 10, // Maximum requests allowed
    storage: mongoStorage, // Use a MongoDB or Redis storage instance, or omit it to fall back to in-memory storage
    message: "Too many requests, please try again later.", // Custom rate limit message
    statusCode: 429, // OPTIONAL: Custom HTTP status code for the rate limit response
    keyGenerator: (req) => req.ip, // OPTIONAL: Custom key generator
    skip: (req) => {
      // OPTIONAL: Assume user role is passed in headers. The header is
      // client-controlled unless a trusted upstream sets or strips it.
      const userRole = req.headers["x-user-role"];
      return userRole === "admin"; // Skip rate limiting for admin users
    },
    errorHandler: (req, res, next) => {
      console.error("Rate limiter error");
      next();
    }, // Handle errors from storage
    passOnStoreError: true, // Fail open: pass requests even if storage fails
  })
);
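
The `skip` example above decides on a request header, which any client can set. The added example below is not the package's code: `makeLimiter` is a minimal fixed-window stand-in that honours the documented `ms`, `maxRequest`, `keyGenerator` and `skip` options, and `req.user` is assumed to be set by an authentication middleware that runs before the limiter. It compares the header-based `skip` with one based on verified identity, using constructed requests.

```javascript
// Added illustration; NOT the package's implementation. A minimal fixed-window
// counter that honours the documented options ms, maxRequest, keyGenerator, skip.
function makeLimiter({ ms = 60000, maxRequest = 10, keyGenerator = (req) => req.ip, skip } = {}) {
  const hits = new Map(); // key -> { count, resetAt }
  return function check(req, now = Date.now()) {
    if (skip && skip(req)) return { allowed: true, skipped: true };
    const key = keyGenerator(req);
    let entry = hits.get(key);
    if (!entry || now >= entry.resetAt) {
      entry = { count: 0, resetAt: now + ms }; // start a new window
      hits.set(key, entry);
    }
    entry.count += 1;
    return { allowed: entry.count <= maxRequest, skipped: false };
  };
}

// skip as shown in the README: trusts a header the client supplies.
const headerSkip = (req) => req.headers["x-user-role"] === "admin";

// Hardened variant: trusts only req.user, assumed (hypothetical) to be
// populated by an authentication middleware mounted before the limiter.
const verifiedSkip = (req) => Boolean(req.user && req.user.role === "admin");

// Count how many of n requests from one client are allowed within one window.
function allowedCount(skip, req, n) {
  const check = makeLimiter({ ms: 5000, maxRequest: 2, skip });
  let allowed = 0;
  for (let i = 0; i < n; i++) {
    if (check(req, 1000 + i).allowed) allowed += 1;
  }
  return allowed;
}

// Constructed sample requests (documentation IP range).
const unauthenticatedWithHeader = { ip: "203.0.113.7", headers: { "x-user-role": "admin" } };
const authenticatedAdmin = { ip: "203.0.113.8", headers: {}, user: { role: "admin" } };

// Header-based skip: the limit is never applied to this client.
console.log(allowedCount(headerSkip, unauthenticatedWithHeader, 10));
// Identity-based skip: the same client is held to maxRequest.
console.log(allowedCount(verifiedSkip, unauthenticatedWithHeader, 10));
// Identity-based skip: a verified admin is still exempt.
console.log(allowedCount(verifiedSkip, authenticatedAdmin, 10));
```

If the role must travel in a header, have the reverse proxy strip it from inbound traffic and set it itself.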

Using Memcached As A Store Manager

import express from "express";
import { MemcachedStore } from "@canmertinyo/rate-limiter-memcached";
import { rateLimiter } from "@canmertinyo/rate-limiter-core";

const app = express();
const port = 3001;

// Configure the rate limiter with Memcached storage
app.use(
  rateLimiter({
    ms: 5000, // Time window in milliseconds
    maxRequest: 2, // Maximum requests allowed in the time window
    storage: new MemcachedStore("127.0.0.1:11211", {
      // Options to customize Memcached client behavior
    }), // Memcached configuration
  })
);

// Sample route
app.get("/", (req, res) => {
  res.send("Hello World!");
});

// Start the server
app.listen(port, () => {
  console.log(`Server listening on port ${port}`);
});

Package last updated on 03 Dec 2024