UNPKG

api-rate-limiter

Version:

Rate limiter package for Express server API requests

github.com/anahit42/api-rate-limiter

anahit42/api-rate-limiter

87 lines (58 loc) 3.43 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
# api-rate-limiter Rate limiter package for Express server API requests # API ✍ ## api-rate-limiter API ### init(...) | Parameter | Description | Required | Default | |---------------------------|------------------------------------------|----------|----------| | payload.client | RedisClient instance (promisified) | ✔ | ✘ | | payload.serverName | API server name | ✔ | ✘ | Sample: ``` javascript const RateLimiter = require('api-rate-limiter') const Promise = require('bluebird') const redis = require('redis') Promise.promisifyAll(redis.RedisClient.prototype) const redisClient = redis.createClient() RateLimiter.init({ client: redisClient, serverName: 'code-mentor-api' }) ``` RateLimiter should be initialized before initializing API routes. ##### Errors | Error name | Description | |-------------------------------------|----------------------------------------------------------------------| | RateLimiterInvalidRedisClientError | Error thrown in case of invalid redis client | | RateLimiterInvalidServerNameError | Error thrown in case of invalid server name parameter | ### preventRateLimitAbuse(...) | Parameter | Description | Required | Default | |----------------------------------------|--------------------------------------------|----------|-------------| | payload.maxNumberOfRequests | Maximum allowed requests per time window | ✔ | ✘ | | payload.rateLimitWindowInSeconds | Rate limit time window in seconds | ✘ | 300 seconds | Sample: ``` javascript const express = require('express') const router = express.Router() const RateLimiter = require('api-rate-limiter') router.get('/', RateLimiter.preventRateLimitAbuse({ maxNumberOfRequests: 50, rateLimitWindowInSeconds: 600 }), function (req, res, next) { ...request handler code }) ``` ##### Errors | Error name | Description | |-------------------------------------|-----------------------------------------------------------------------------| | RateLimitExceededError | Error passed to the next() middleware function in case of rate limit abuse | | RateLimiterMissingRedisClientError | Error thrown in case of missing redis client for rate limiter | | RateLimiterMissingServerNameError | Error thrown in case of missing server name for rate limiter | ### HTTP Headers | Header | Description | |------------------------|-------------------------------------------------------------| | X-RateLimit-Limit | Requests permitted to make per time window | | X-RateLimit-Remaining | Requests remaining in the current time window | | X-RateLimit-Reset | UNIX timestamp detailing when the rate limit will reset | Sample: ``` X-RateLimit-Limit: 50 X-RateLimit-Remaining: 42 X-RateLimit-Reset: 1541169284467 ```