4.1.1 • Published 3 years ago

@ladjs/koa-simple-ratelimit v4.1.1

Weekly downloads
-
License
MIT
Repository
github
Last release
3 years ago

@ladjs/koa-simple-ratelimit

build status code style styled with prettier made with lass license

Fork of koa-simple-ratelimit with better tests and options. Rate limiter middleware for koa v2. Differs from koa-ratelimit by not depending on ratelimiter and using redis ttl (time to live) to handle expiration time remaining. This creates only one entry in redis instead of the three that node-ratelimiter does.

Table of Contents

Install

npm install @ladjs/koa-simple-ratelimit

Example

const Koa = require('koa');
const Redis = require('ioredis-mock');

const ratelimit = require('.');

const app = new Koa();

app.use(
  ratelimit({
    db: new Redis(),
    duration: 60_000,
    max: 100
  })
);

app.use((ctx) => {
  ctx.body = 'Stuff!';
});

app.listen(4000);

console.log('listening on port http://localhost:4000');

module.exports = app;

Options

  • db (Object) Redis connection instance required
  • max (Number) number of max requests within duration (defaults to 2500)
  • duration (Number) duration of limit in milliseconds (defaults to 3600000)
  • throw (Boolean) whether or not to throw an error with ctx.throw (defaults to false)
  • prefix (String) redis key prefix (defaults to limit)
  • id (Function) function accepting an argument ctx that returns an id to compare requests with (defaults to ip via ctx.ip)
  • allowlist (Array) an array of ids to allowlist (defaults to [])
  • blocklist (Array) an array of ids to blocklist (defaults to [])
  • logger (Function) a logger to log database errors with (to prevent app middleware requests from failing due to database connection issues) - set this value to false to disable the logger output
  • headers (Object) containing keys remaining, reset, and total which set the headers on the HTTP request to X-RateLimit-Remaining, X-RateLimit-Reset, and X-RateLimit-Limit by default respectively
  • errorMessage (Function) a function accepting an argument exp which is the number of milliseconds until limitation expiry (see code for default) – it also accepts a second argument of ctx
  • ignoredPathGlobs (Array) defaults to an empty Array, but you can pass an Array of glob paths to ignore

Responses

Example 200 with header fields:

HTTP/1.1 200 OK
X-Powered-By: koa
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 99
X-RateLimit-Reset: 1384377793
Content-Type: text/plain; charset=utf-8
Content-Length: 6
Date: Wed, 13 Nov 2013 21:22:13 GMT
Connection: keep-alive

Stuff!

Example 429 response:

HTTP/1.1 429 Too Many Requests
X-Powered-By: koa
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1384377716
Content-Type: text/plain; charset=utf-8
Content-Length: 39
Retry-After: 7
Date: Wed, 13 Nov 2013 21:21:48 GMT
Connection: keep-alive

Rate limit exceeded, retry in 8 seconds

License

MIT © Scott Cooper

abuseapiddoshttpkoalimitlimitermiddlewareprotectionrateratelimitratelimiterrequestspam
msmultimatch
@everything-registry/sub-chunk-533@zalastax/nolb-_lad@ladjs/api@ladjs/web
4.1.0

3 years ago

4.1.1

3 years ago

4.0.2

3 years ago

4.0.1

3 years ago

4.0.0

3 years ago

3.0.0

3 years ago

2.3.4

8 years ago