express-limiter - npm Package Compare versions

Comparing version 1.2.0 to 1.3.0

index.js

@@ -12,4 +12,5 @@ module.exports = function (app, db) {
       }).join(':')
-
-      var key = 'ratelimit:' + opts.path + ':' + opts.method + ':' + lookups
+      var path = opts.path || req.path
+      var method = (opts.method || req.method).toLowerCase()
+      var key = 'ratelimit:' + path + ':' + method + ':' + lookups
       db.get(key, function (err, limit) {
@@ -31,4 +32,3 @@ if (err && opts.ignoreErrors) return next()
         limit.remaining = Math.max(Number(limit.remaining) - 1, 0)
-
-        db.set(key, JSON.stringify(limit), function () {
+        db.set(key, JSON.stringify(limit), 'PX', opts.expire, function (e) {
           if (!opts.skipHeaders) {
@@ -35,0 +35,0 @@ res.set('X-RateLimit-Limit', limit.total)

package.json

 {
   "name": "express-limiter",
-  "version": "1.2.0",
+  "version": "1.3.0",
   "description": "rate limiter middleware for express applications",
@@ -5,0 +5,0 @@ "main": "index.js",

tests/index.js

@@ -73,4 +73,4 @@ var chai = require('chai')
 
-  describe('options', function() {
-    it('should process skipHeaders', function (done) {
+  context('options', function() {
+    it('should process options.skipHeaders', function (done) {
       limiter({
@@ -117,3 +117,3 @@ path: '/route',
 
-      sinon.stub(redis, 'get', function(key, callback) {
+      var stub = sinon.stub(redis, 'get', function(key, callback) {
         callback({err: true})
@@ -123,6 +123,57 @@ })
       request(app)
-        .get('/route')
-          .expect(200, done)
+      .get('/route')
+      .expect(200, function (e) {
+        done(e)
+        stub.restore()
+      })
     })
   })
+
+  context('direct middleware', function () {
+
+    it('is able to mount without `path` and `method`', function (done) {
+      var clock = sinon.useFakeTimers()
+      var middleware = limiter({
+        lookup: 'connection.remoteAddress',
+        total: 3,
+        expire: 1000 * 60 * 60
+      })
+      app.get('/direct', middleware, function (req, res, next) {
+        res.send(200, 'is direct')
+      })
+      v.waterfall(
+        function (f) {
+          process.nextTick(function () {
+            request(app)
+            .get('/direct')
+            .expect('X-RateLimit-Limit', 3)
+            .expect('X-RateLimit-Remaining', 2)
+            .expect(200, function (e) {f(e)})
+          })
+        },
+        function (f) {
+          process.nextTick(function () {
+            request(app)
+            .get('/direct')
+            .expect('X-RateLimit-Limit', 3)
+            .expect('X-RateLimit-Remaining', 1)
+            .expect(200, function (e) {f(e)})
+          })
+        },
+        function (f) {
+          process.nextTick(function () {
+            request(app)
+            .get('/direct')
+            .expect('X-RateLimit-Limit', 3)
+            .expect('X-RateLimit-Remaining', 0)
+            .expect('Retry-After', /\d+/)
+            .expect(429, function (e) { f(null) })
+          })
+        },
+        function (e) {
+          done(e)
+        }
+      )
+    })
+  })
 })

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

AI-detected possible typosquat

Supply chain risk

AI has identified this package as a potential typosquat of a more popular package. This suggests that the package may be intentionally mimicking another package's name, description, or other metadata.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

12172

increased by14.65%

Lines of code

202

increased by33.77%

Number of medium supply chain risk alerts

0

decreased by-100%

No dependency changes