express-limiter - npm Package Compare versions

Comparing version 1.5.0 to 1.6.0

index.js

@@ -32,11 +32,11 @@ module.exports = function (app, db) {
         // do not allow negative remaining
-        limit.remaining = Math.max(Number(limit.remaining) - 1, 0)
+        limit.remaining = Math.max(Number(limit.remaining) - 1, -1)
         db.set(key, JSON.stringify(limit), 'PX', opts.expire, function (e) {
           if (!opts.skipHeaders) {
             res.set('X-RateLimit-Limit', limit.total)
-            res.set('X-RateLimit-Remaining', limit.remaining)
             res.set('X-RateLimit-Reset', Math.ceil(limit.reset / 1000)) // UTC epoch seconds
+            res.set('X-RateLimit-Remaining', Math.max(limit.remaining,0))
           }
 
-          if (limit.remaining) return next()
+          if (limit.remaining >= 0) return next()
 
@@ -52,2 +52,9 @@ var after = (limit.reset - Date.now()) / 1000
     }
+    if (typeof(opts.lookup) === 'function') {
+      middleware = function (middleware, req, res, next) {
+        return opts.lookup(req, res, opts, function () {
+          return middleware(req, res, next)
+        })
+      }.bind(this, middleware)
+    }
     if (opts.method && opts.path) app[opts.method](opts.path, middleware)
@@ -54,0 +61,0 @@ return middleware

package.json

 {
   "name": "express-limiter",
-  "version": "1.5.0",
+  "version": "1.6.0",
   "description": "rate limiter middleware for express applications",
@@ -5,0 +5,0 @@ "main": "index.js",

README.md

@@ -44,3 +44,3 @@ ## Express rate-limiter
  - `method`: `String` *optional* http method. accepts `get`, `post`, `put`, `delete`, and of course Express' `all`
- - `lookup`: `String|Array.<String>` value lookup on the request object. Can be a single value or array. See [examples](#examples) for common usages
+ - `lookup`: `Function|String|Array.<String>` value lookup on the request object. Can be a single value, array or function. See [examples](#examples) for common usages
  - `total`: `Number` allowed number of requests before getting rate limited
@@ -118,2 +118,16 @@ - `expire`: `Number` amount of time in `ms` before the rate-limited is reset
 
+// with a function for dynamic-ness
+limiter({
+  lookup: function(req, res, opts, next) {
+    if (validApiKey(req.query.api_key)) {
+      opts.lookup = 'query.api_key'
+      opts.total = 100
+    } else {
+      opts.lookup = 'connection.remoteAddress'
+      opts.total = 10
+    }
+    return next()
+  }
+})
+
 ```
@@ -120,0 +134,0 @@

tests/index.js

@@ -24,3 +24,3 @@ var chai = require('chai')
   it('should work', function (done) {
-    var map = [10, 9, 8, 7, 6, 5, 4, 3, 2]
+    var map = [10, 9, 8, 7, 6, 5, 4, 3, 2, 1]
     var clock = sinon.useFakeTimers()
@@ -131,2 +131,28 @@
     })
+
+    it('should process lookup as a function', function (done) {
+      limiter({
+        path: '*',
+        method: 'all',
+        lookup: function (req, res, opts, next) {
+          opts.lookup = 'query.api_key';
+          opts.total = 20
+          return next()
+        },
+        total: 3,
+        expire: 1000 * 60 * 60
+      })
+
+      app.get('/route', function (req, res) {
+        res.send(200, 'hello')
+      })
+
+      request(app)
+      .get('/route?api_key=foobar')
+      .expect('X-RateLimit-Limit', 20)
+      .expect('X-RateLimit-Remaining', 19)
+      .expect(200, function (e) {
+        done(e)
+      })
+    })
   })
@@ -133,0 +159,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

14098

increased by9.49%

Lines of code

239

increased by14.35%

Number of lines in readme file

147

increased by10.53%

No dependency changes