@backstage/backend-defaults
Version:
Backend defaults used by Backstage backend apps
63 lines (59 loc) • 1.76 kB
JavaScript
;
var expressRateLimit = require('express-rate-limit');
var config = require('@backstage/config');
var types = require('@backstage/types');
const rateLimitMiddleware = (options) => {
const { store, config: config$1 } = options;
let windowMs = 6e4;
if (config$1 && config$1.has("window")) {
const windowDuration = config.readDurationFromConfig(config$1, {
key: "window"
});
windowMs = types.durationToMilliseconds(windowDuration);
}
const limit = config$1?.getOptionalNumber("incomingRequestLimit");
const ipAllowList = config$1?.getOptionalStringArray("ipAllowList") ?? [
"127.0.0.1",
"0:0:0:0:0:0:0:1",
"::1"
];
const skipSuccessfulRequests = config$1?.getOptionalBoolean(
"skipSuccessfulRequests"
);
const skipFailedRequests = config$1?.getOptionalBoolean("skipFailedRequests");
const passOnStoreError = config$1?.getOptionalBoolean("passOnStoreError");
return expressRateLimit.rateLimit({
windowMs,
limit,
skipSuccessfulRequests,
message: {
error: {
name: "Error",
message: `Too many requests, please try again later`
},
response: {
statusCode: 429
}
},
statusCode: 429,
skipFailedRequests,
passOnStoreError,
keyGenerator(req, _res) {
if (!req.ip) {
return req.socket.remoteAddress;
}
return req.ip;
},
skip: (req, _res) => {
return Boolean(req.ip && ipAllowList.includes(req.ip)) || Boolean(
req.socket.remoteAddress && ipAllowList.includes(req.socket.remoteAddress)
);
},
validate: {
trustProxy: false
},
store
});
};
exports.rateLimitMiddleware = rateLimitMiddleware;
//# sourceMappingURL=rateLimitMiddleware.cjs.js.map