limiter

What is limiter?

The 'limiter' npm package is used to control the rate of operations in Node.js applications. It allows you to limit the number of operations that can be performed over a given period of time, which is useful for rate-limiting API requests, managing resource usage, and preventing abuse.

What are limiter's main functionalities?

Basic Rate Limiting

This feature allows you to limit the number of operations to a specified number per interval. In this example, the limiter allows 5 requests per second. If the limit is exceeded, it logs 'Rate limit exceeded'.

const { RateLimiter } = require('limiter');

const limiter = new RateLimiter({ tokensPerInterval: 5, interval: 'second' });

async function makeRequest() {
  const remainingRequests = await limiter.removeTokens(1);
  if (remainingRequests >= 0) {
    console.log('Request allowed');
  } else {
    console.log('Rate limit exceeded');
  }
}

makeRequest();

Custom Intervals

This feature allows you to set custom intervals for rate limiting. In this example, the limiter allows 10 requests per minute.

const { RateLimiter } = require('limiter');

const limiter = new RateLimiter({ tokensPerInterval: 10, interval: 60000 }); // 10 requests per minute

async function makeRequest() {
  const remainingRequests = await limiter.removeTokens(1);
  if (remainingRequests >= 0) {
    console.log('Request allowed');
  } else {
    console.log('Rate limit exceeded');
  }
}

makeRequest();

Rate Limiting with Bursts

This feature allows for bursts of requests to be made immediately up to the limit, and then enforces the rate limit. In this example, the limiter allows 5 requests per second and can handle bursts.

const { RateLimiter } = require('limiter');

const limiter = new RateLimiter({ tokensPerInterval: 5, interval: 'second', fireImmediately: true });

async function makeRequest() {
  const remainingRequests = await limiter.removeTokens(1);
  if (remainingRequests >= 0) {
    console.log('Request allowed');
  } else {
    console.log('Rate limit exceeded');
  }
}

makeRequest();

Other packages similar to limiter

bottleneck

Bottleneck is a powerful rate limiter and scheduler for Node.js and the browser. It provides more advanced features like clustering, priority queues, and reservoir management. Compared to 'limiter', Bottleneck offers more flexibility and control over rate limiting and task scheduling.

rate-limiter-flexible

Rate-limiter-flexible is a highly configurable rate limiter for Node.js. It supports various storage options like Redis, MongoDB, and in-memory. It offers more advanced features such as penalty and reward mechanisms, and different rate limiting strategies. It is more versatile compared to 'limiter'.

express-rate-limit

Express-rate-limit is a middleware for Express.js applications to limit repeated requests to public APIs. It is specifically designed for use with Express and provides easy integration with minimal configuration. It is more specialized for Express.js compared to 'limiter'.

README

limiter

Provides a generic rate limiter for node.js. Useful for API clients, web crawling, or other tasks that need to be throttled. Two classes are exposed, RateLimiter and TokenBucket. TokenBucket provides a lower level interface to rate limiting with a configurable burst rate and drip rate. RateLimiter sits on top of the token bucket and adds a restriction on the maximum number of tokens that can be removed each interval to comply with common API restrictions like "150 requests per hour maximum".

Installation

Use NPM to install:

npm install limiter

Usage

A simple example allowing 150 requests per hour:

var RateLimiter = require('limiter').RateLimiter;
// Allow 150 requests per hour (the Twitter search limit). Also understands
// 'second', 'minute', 'day', or a number of milliseconds
var limiter = new RateLimiter(150, 'hour');

// Throttle requests
limiter.removeTokens(1, function(err, remainingRequests) {
  // err will only be set if we request more than the maximum number of
  // requests we set in the constructor
  
  // remainingRequests tells us how many additional requests could be sent
  // right this moment
  
  callMyRequestSendingFunction(...);
});

Another example allowing one message to be sent every 250ms:

var RateLimiter = require('limiter').RateLimiter;
var limiter = new RateLimiter(1, 250);

limiter.removeTokens(1, function() {
  callMyMessageSendingFunction(...);
});

The default behaviour is to wait for the duration of the rate limiting that’s currently in effect before the callback is fired, but if you pass in true as the third parameter, the callback will be fired immediately with remainingRequests set to -1:

var RateLimiter = require('limiter').RateLimiter;
var limiter = new RateLimiter(150, 'hour', true);  // fire CB immediately

// Immediately send 429 header to client when rate limiting is in effect
limiter.removeTokens(1, function(err, remainingRequests) {
  if (remainingRequests < 0) {
    response.writeHead(429, {'Content-Type': 'text/plain;charset=UTF-8'});
    response.end('429 Too Many Requests - your IP is being rate limited');
  } else {
    callMyMessageSendingFunction(...);
  }
});

To get the number of remaining tokens outside the removeTokens-callback simply use the getTokensRemaining-method.

var RateLimiter = require('limiter').RateLimiter;
var limiter = new RateLimiter(1, 250);

// returns 1 since we did not remove a token and our number of tokens per interval is 1
limiter.getTokensRemaining();

Uses the token bucket directly to throttle at the byte level:

var BURST_RATE = 1024 * 1024 * 150; // 150KB/sec burst rate
var FILL_RATE = 1024 * 1024 * 50; // 50KB/sec sustained rate
var TokenBucket = require('limiter').TokenBucket;
// We could also pass a parent token bucket in as the last parameter to
// create a hierarchical token bucket
var bucket = new TokenBucket(BURST_RATE, FILL_RATE, 'second', null);

bucket.removeTokens(myData.byteLength, function() {
  sendMyData(myData);
});

Additional Notes

Both the token bucket and rate limiter should be used with a message queue or some way of preventing multiple simultaneous calls to removeTokens(). Otherwise, earlier messages may get held up for long periods of time if more recent messages are continually draining the token bucket. This can lead to out of order messages or the appearance of "lost" messages under heavy load.

Sponsors

• cull.tv - New music television

License

(The MIT License)

Copyright (c) 2011 Cull TV, Inc. <jhurliman@cull.tv>

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.