@aikidosec/firewall/agent/api/ReportingAPIRateLimitedClientSide.js

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.ReportingAPIRateLimitedClientSide = void 0;
class ReportingAPIRateLimitedClientSide {
    constructor(api, { maxEventsPerInterval, intervalInMs }) {
        this.api = api;
        this.events = [];
        this.maxEventsPerInterval = maxEventsPerInterval;
        this.intervalInMs = intervalInMs;
    }
    async report(token, event, timeoutInMS) {
        if (event.type === "detected_attack" ||
            event.type === "detected_attack_wave") {
            const currentTime = Date.now();
            // Filter out events that are outside the current interval
            // Otherwise, we would keep growing the array indefinitely
            this.events = this.events.filter((e) => e.time > currentTime - this.intervalInMs);
            // If we have reached the maximum number of events, we return an error
            // Instead of sending the event to the server
            if (this.events.length >= this.maxEventsPerInterval) {
                return { success: false, error: "max_attacks_reached" };
            }
            this.events.push(event);
        }
        return await this.api.report(token, event, timeoutInMS);
    }
}
exports.ReportingAPIRateLimitedClientSide = ReportingAPIRateLimitedClientSide;