Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
express-rate-limit
Advanced tools
express-rate-limit - npm Package Compare versions
Comparing version 1.0.2 to 1.0.3
@@ -15,3 +15,4 @@ 'use strict'; | ||
| max: 5, // max number of recent connections during `window` miliseconds before sending a 400 response | ||
| global: false // if true, IP address is ignored and setting is applied equally to all requests | ||
| global: false, // if true, IP address is ignored and setting is applied equally to all requests | ||
| message : 'Too many requests, please try again later.' | ||
| }); | ||
@@ -22,6 +23,6 @@ | ||
| if (typeof hits[ip] !== "number") { | ||
| hits[ip] = 0; // first one's free ;) | ||
| if (hits[ip]) { | ||
| hits[ip]++; | ||
| } else { | ||
| hits[ip]++; | ||
| hits[ip] = 1; | ||
| } | ||
@@ -31,4 +32,5 @@ | ||
| // cleanup | ||
| hits[ip]--; | ||
| if (hits[ip] <=0 ) { | ||
| if (hits[ip]) { | ||
| hits[ip]--; | ||
| } else { | ||
| delete hits[ip]; | ||
@@ -38,8 +40,9 @@ } | ||
| if (hits[ip] >= options.max) { | ||
| if (hits[ip] > options.max) { | ||
| // 429 status = Too Many Requests (RFC 6585) | ||
| return res.status(429).end('Too many requests, please try again later.'); | ||
| return res.status(429).end(options.message); | ||
| } | ||
| var delay = hits[ip] * options.delayMs; | ||
| // first hit shouldn't be delayed, so subtract 1 | ||
| var delay = (hits[ip]-1) * options.delayMs; | ||
| setTimeout(next, delay); | ||
@@ -49,2 +52,2 @@ }; | ||
| module.exports = RateLimit; | ||
| module.exports = RateLimit; |
| { | ||
| "name": "express-rate-limit", | ||
| "version": "1.0.2", | ||
| "version": "1.0.3", | ||
| "description": "Basic rate-limiting middleware for Express. Use to limit access to public endpoints such as account creation and password reset.", | ||
@@ -5,0 +5,0 @@ "homepage": "https://github.com/nfriedly/express-rate-limit", |
@@ -30,6 +30,7 @@ # Express Rate Limit | ||
| // window, delay, and max apply per-ip unless global is set to true | ||
| windowMs: 60 * 1000 // miliseconds - how long to keep records of requests in memory | ||
| windowMs: 60 * 1000, // miliseconds - how long to keep records of requests in memory | ||
| delayMs: 1000, // milliseconds - base delay applied to the response - multiplied by number of recent hits from user's IP | ||
| max: 5, // max number of recent connections during `window` miliseconds before (temporarily) bocking the user. | ||
| global: false // if true, IP address is ignored and setting is applied equally to all requests | ||
| global: false, // if true, IP address is ignored and setting is applied equally to all requests | ||
| message: 'You have been very naughty.. No API response for you!!' // if message is set, the provide message will be shown instead of `Too many requests, please try again later.` | ||
| }); | ||
@@ -36,0 +37,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by5.42%
5076
- Lines of code
- increased by11.76%
38
- Number of lines in readme file
- increased by2%
51
No dependency changes