UNPKG

@fastify/rate-limit

Version:

A low overhead rate limiter for your routes

github.com/fastify/fastify-rate-limit

fastify/fastify-rate-limit

121 lines (104 loc) 2.85 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
'use strict' const { test, mock } = require('node:test') const Fastify = require('fastify') const rateLimit = require('../../index') test('issue #207 - when continueExceeding is true and the store is local then it should reset the rate-limit', async (t) => { const clock = mock.timers clock.enable() const fastify = Fastify() await fastify.register(rateLimit, { global: false }) fastify.get( '/', { config: { rateLimit: { max: 1, timeWindow: 5000, continueExceeding: true } } }, async () => { return 'hello!' } ) const firstOkResponse = await fastify.inject({ url: '/', method: 'GET' }) const firstRateLimitResponse = await fastify.inject({ url: '/', method: 'GET' }) clock.tick(3000) const secondRateLimitWithResettingTheRateLimitTimer = await fastify.inject({ url: '/', method: 'GET' }) // after this the total time passed is 6s which WITHOUT `continueExceeding` the next request should be OK clock.tick(3000) const thirdRateLimitWithResettingTheRateLimitTimer = await fastify.inject({ url: '/', method: 'GET' }) // After this the rate limiter should allow for new requests clock.tick(5000) const okResponseAfterRateLimitCompleted = await fastify.inject({ url: '/', method: 'GET' }) t.assert.deepStrictEqual(firstOkResponse.statusCode, 200) t.assert.deepStrictEqual(firstRateLimitResponse.statusCode, 429) t.assert.deepStrictEqual( firstRateLimitResponse.headers['x-ratelimit-limit'], '1' ) t.assert.deepStrictEqual( firstRateLimitResponse.headers['x-ratelimit-remaining'], '0' ) t.assert.deepStrictEqual( firstRateLimitResponse.headers['x-ratelimit-reset'], '5' ) t.assert.deepStrictEqual( secondRateLimitWithResettingTheRateLimitTimer.statusCode, 429 ) t.assert.deepStrictEqual( secondRateLimitWithResettingTheRateLimitTimer.headers['x-ratelimit-limit'], '1' ) t.assert.deepStrictEqual( secondRateLimitWithResettingTheRateLimitTimer.headers[ 'x-ratelimit-remaining' ], '0' ) t.assert.deepStrictEqual( secondRateLimitWithResettingTheRateLimitTimer.headers['x-ratelimit-reset'], '5' ) t.assert.deepStrictEqual( thirdRateLimitWithResettingTheRateLimitTimer.statusCode, 429 ) t.assert.deepStrictEqual( thirdRateLimitWithResettingTheRateLimitTimer.headers['x-ratelimit-limit'], '1' ) t.assert.deepStrictEqual( thirdRateLimitWithResettingTheRateLimitTimer.headers[ 'x-ratelimit-remaining' ], '0' ) t.assert.deepStrictEqual( thirdRateLimitWithResettingTheRateLimitTimer.headers['x-ratelimit-reset'], '5' ) t.assert.deepStrictEqual(okResponseAfterRateLimitCompleted.statusCode, 200) clock.reset(0) })