UNPKG

catalyst-rate-limiter

Version:

A configurable **rate limiter middleware** for your APIs, built with the Zoho Catalyst Cache service using **Token Bucket Algorithm**.

91 lines (78 loc) 2.61 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
// index.js const catalyst = require('zcatalyst-sdk-node'); // Configurable defaults const DEFAULT_MAX_TOKENS = 15; const DEFAULT_REFILL_INTERVAL = 60 * 1000; const DEFAULT_REFILL_RATE = 15; const DEFAULT_CACHE_TTL = 1; /** * Create a rate limiter middleware * @param {Object} options * @param {string} options.segmentName <-- REQUIRED: Catalyst cache segment name * @param {number} [options.maxTokens] * @param {number} [options.refillInterval] (ms) * @param {number} [options.refillRate] * @param {number} [options.cacheTTL] (minutes) */ function createRateLimiter(options = {}) { const { segmentName, maxTokens = DEFAULT_MAX_TOKENS, refillInterval = DEFAULT_REFILL_INTERVAL, refillRate = DEFAULT_REFILL_RATE, cacheTTL = DEFAULT_CACHE_TTL } = options; if (!segmentName || typeof segmentName !== 'string') { throw new Error('segmentName is required and must be a string.'); } return async (req, res, next) => { const app = catalyst.initialize(req); const ip = req.headers['x-forwarded-for']?.split(',').shift() || req.socket?.remoteAddress || req.ip; const cache = app.cache(); const segment = cache.segment(segmentName); // ✅ user‑configured segment const userKey = ip; try { const cachedData = await segment.get(userKey); const now = new Date(); let tokens = maxTokens; let lastRefill = now; if (cachedData && cachedData.cache_value) { const parsed = JSON.parse(cachedData.cache_value); tokens = parsed.tokens; lastRefill = new Date(parsed.lastRefill); // Refill logic const elapsed = now - lastRefill; const tokensToAdd = Math.floor(elapsed / refillInterval) * refillRate; tokens = Math.min(maxTokens, tokens + tokensToAdd); if (tokens > 0) { tokens -= 1; await segment.update( userKey, JSON.stringify({ tokens, lastRefill: now }), cacheTTL ); return next(); } else { return res .status(429) .json({ message: 'Too Many Requests. Please wait before retrying.' }); } } else { // No record: create one await segment.put( userKey, JSON.stringify({ tokens: maxTokens - 1, lastRefill: now }), cacheTTL ); return next(); } } catch (err) { console.error('Rate Limiter Error:', err); return res.status(500).json({ message: 'Internal rate limit error' }); } }; } module.exports = createRateLimiter;