express-limit
Advanced tools
Readme
express-limit is a small project that add rate limitations to your API.
npm install --save express-limit
const limit = require("express-limit").limit;
app.get(
"/api/users",
limit({
max: 5, // 5 requests
period: 60 * 1000, // per minute (60 seconds)
}),
function (req, res) {
res.status(200).json({});
}
);
{
(max = 60), // Maximum request per period
(period = 60 * 1000), // Period in milliseconds
(prefix = "rate-limit-"), // Prefix of the key
(status = 429), // Status code in case of rate limit reached
(message = "Too many requests"), // Message in case of rate limit reached
(identifier = (request) => {
// The identifier function/value of the key (IP by default, could be "req.user.id")
return request.ip || request.ips; // Read from Default properties
}),
(headers = {
// Headers names
remaining: "X-RateLimit-Remaining",
reset: "X-RateLimit-Reset",
limit: "X-RateLimit-Limit",
}),
(store = new Store()); // The storage, default storage: in-memory
}
In some cases, you could want to skip the limitation you made for trusted client. In this case, you can add a special field in the request object:
req._skip_limits = true;
Also, you could want to add specific limitations for a special client. In this case, you can add a special field in the request object:
req._custom_limits = {
max: 1000, // 1000 requests
period: 60 * 1000, // per minutes
};
Just don't forget where you place this modification! It could be applied for all routes!
Actually, two stores have been made:
const RateLimiter = require("express-limit").RateLimiter;
const InMemoryStore = require("express-limit").InMemoryStore;
const store = new InMemoryStore();
const limit = (options = {}) => {
options.store = store;
return new RateLimiter(options).middleware;
};
app.get(
"/api/users",
limit({
max: 5, // 5 requests
period: 60 * 1000, // per minute (60 seconds)
}),
function (req, res) {
res.status(200).json({});
}
);
const redis = require("redis");
const client = redis.createClient();
const RateLimiter = require("express-limit").RateLimiter;
const RedisStore = require("express-limit").RedisStore;
const store = new RedisStore(client);
const limit = (options = {}) => {
options.store = store;
return new RateLimiter(options).middleware;
};
app.get(
"/api/users",
limit({
max: 5, // 5 requests
period: 60 * 1000, // per minute (60 seconds)
}),
function (req, res) {
res.status(200).json({});
}
);
true)const redis = require("redis");
const client = redis.createClient({
legacyMode: true,
});
const RateLimiter = require("express-limit").RateLimiter;
const RedisLegacyStore = require("express-limit").RedisLegacyStore;
const store = new RedisLegacyStore(client);
const limit = (options = {}) => {
options.store = store;
return new RateLimiter(options).middleware;
};
app.get(
"/api/users",
limit({
max: 5, // 5 requests
period: 60 * 1000, // per minute (60 seconds)
}),
function (req, res) {
res.status(200).json({});
}
);
FAQs
A rate-limiter for Express JS.
The npm package express-limit receives a total of 451 weekly downloads. As such, express-limit popularity was classified as not popular.
We found that express-limit demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.