UNPKG

create-bun-stack

Version:

Rails-inspired fullstack application generator for Bun

bun-stack.jasenc.dev

jasencarroll/create-bun-stack

89 lines (75 loc) 2.61 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
// Simple in-memory rate limiter interface RateLimitEntry { count: number; resetTime: number; } // Store rate limit entries by IP address const rateLimitStore = new Map<string, RateLimitEntry>(); // Clean up expired entries every minute setInterval(() => { const now = Date.now(); for (const [ip, entry] of rateLimitStore.entries()) { if (entry.resetTime < now) { rateLimitStore.delete(ip); } } }, 60000); interface RateLimitOptions { windowMs?: number; // Window size in milliseconds (default: 15 minutes) max?: number; // Max requests per window (default: 5) message?: string; // Error message } export function createRateLimiter(options: RateLimitOptions = {}) { const { windowMs = 15 * 60 * 1000, // 15 minutes max = 5, message = "Too many requests, please try again later", } = options; return (req: Request): Response | null => { // Disable rate limiting in test environment if (process.env.NODE_ENV === "test" || process.env.BUN_ENV === "test") { return null; } // Extract IP address from request const forwarded = req.headers.get("x-forwarded-for"); const ip = forwarded ? forwarded.split(",")[0].trim() : "127.0.0.1"; const now = Date.now(); const resetTime = now + windowMs; // Get or create rate limit entry let entry = rateLimitStore.get(ip); if (!entry || entry.resetTime < now) { // Create new entry or reset expired one entry = { count: 1, resetTime }; rateLimitStore.set(ip, entry); return null; // Allow request } // Increment count entry.count++; // Check if limit exceeded if (entry.count > max) { const retryAfter = Math.ceil((entry.resetTime - now) / 1000); return new Response(JSON.stringify({ error: message }), { status: 429, headers: { "Content-Type": "application/json", "Retry-After": String(retryAfter), "X-RateLimit-Limit": String(max), "X-RateLimit-Remaining": "0", "X-RateLimit-Reset": String(entry.resetTime), }, }); } return null; // Allow request }; } // Pre-configured rate limiters for different endpoints export const authRateLimiter = createRateLimiter({ windowMs: 15 * 60 * 1000, // 15 minutes max: 5, // 5 requests per 15 minutes message: "Too many authentication attempts, please try again later", }); export const strictAuthRateLimiter = createRateLimiter({ windowMs: 60 * 60 * 1000, // 1 hour max: 3, // 3 requests per hour message: "Too many failed login attempts, please try again later", });