hapi-ratelimiter
Advanced tools
A simple IP based rate limiting plugin for Hapi using Redis.
##Installation
npm install hapi-ratelimiter
In the Hapi init code:
const Hapi = require('hapi');
const Limiter = require('hapi-ratelimit');
const server = new Hapi.Server();
server.connection();
// Ratelimiter config
const options = {
redis: process.env.REDIS_URL, // Or any valid ioredis options
namespace: 'clhr', // Namespace for redis keys
global: {
limit: 200, // Set limit to -1 or leave out global to disable global limit
duration: '30 minutes'
}
// Global limit is not given priority over local limits
};
connection.register({ register: Limiter, options: options }, (err) => {
if (err) {
throw err;
}
});
connection.route({
method: 'GET',
path: '/someImportantRoute',
handler: someHandler,
config: {
plugins: { // If you want to override the default values
'hapi-ratelimit': {
limit: 100,
duration: '1 hour' // Any valid ms config (https://github.com/rauchg/ms.js)
} // Limits to one hundred hits per minute on a specific route
}
}
});
This module borrows heavily from creativelive/hapi-ratelimit, so credit for original implementation goes there. The rate-limiting logic in itself relies on tj/node-ratelimiter, which is another awesome project.
FAQs
A rate limiting plugin for Hapi.
We found that hapi-ratelimiter demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.