7.4.1 • Published 2 months ago

express-rate-limit v7.4.1

Weekly downloads
258,479
License
MIT
Repository
github
Last release
2 months ago

tests npm version npm downloads license

Basic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Plays nice with express-slow-down and ratelimit-header-parser.

Usage

The full documentation is available on-line.

import { rateLimit } from 'express-rate-limit'

const limiter = rateLimit({
	windowMs: 15 * 60 * 1000, // 15 minutes
	limit: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
	standardHeaders: 'draft-7', // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
	legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
	// store: ... , // Redis, Memcached, etc. See below.
})

// Apply the rate limiting middleware to all requests.
app.use(limiter)

Data Stores

The rate limiter comes with a built-in memory store, and supports a variety of external data stores.

Configuration

All function options may be async. Click the name for additional info and default values.

OptionTypeRemarks
windowMsnumberHow long to remember requests for, in milliseconds.
limitnumber | functionHow many requests to allow.
messagestring | json | functionResponse to return after limit is reached.
statusCodenumberHTTP status code after limit is reached (default is 429).
handlerfunctionFunction to run after limit is reached (overrides message and statusCode settings, if set).
legacyHeadersbooleanEnable the X-Rate-Limit header.
standardHeaders'draft-6' | 'draft-7'Enable the Ratelimit header.
storeStoreUse a custom store to share hit counts across multiple nodes.
passOnStoreErrorbooleanAllow (true) or block (false, default) traffic if the store becomes unavailable.
keyGeneratorfunctionIdentify users (defaults to IP address).
requestPropertyNamestringAdd rate limit info to the req object.
skipfunctionReturn true to bypass the limiter for the given request.
skipSuccessfulRequestsbooleanUncount 1xx/2xx/3xx responses.
skipFailedRequestsbooleanUncount 4xx/5xx responses.
requestWasSuccessfulfunctionUsed by skipSuccessfulRequests and skipFailedRequests.
validateboolean | objectEnable or disable built-in validation checks.

Thank You

Sponsored by Zuplo a fully-managed API Gateway for developers. Add dynamic rate-limiting, authentication and more to any API in minutes. Learn more at zuplo.com


Thanks to Mintlify for hosting the documentation at express-rate-limit.mintlify.app


Finally, thank you to everyone who's contributed to this project in any way! 🫶

Issues and Contributing

If you encounter a bug or want to see something added/changed, please go ahead and open an issue! If you need help with something, feel free to start a discussion!

If you wish to contribute to the library, thanks! First, please read the contributing guide. Then you can pick up any issue and fix/implement it!

License

MIT © Nathan Friedly, Vedant K

@tyz-wallet/tyz-wallet-core-service@recognition-game/shared-backend@candle-face/shared-backenddotclub-admin-web-backendnode-express-mongoose-boilerplate@mote/api-serverwebux-limiter@aifedespaix/fdp-apirelay-restgizconnection-api@d19n/commonfirmanza-commonsddos_node@kobotech/core-nest-serverfwd-servertools_modulehuntnet-server@community-fibre/commontransmetrix-paymentsexpresswebtscore@bitexchange-ltd/bitexchange-server-7.5.0-beta.3serversidecheckit-webengine@noggin/elastic-noggin-utilsbitcore-wallet-service-sprc@pranabkalita/express.mvc@haaskr-backend/middlewaremomenta-backendbds_maneger_apipg-api-serverblwebhooks-beta@the-bds-maneger/bds_maneger_apiaam-backendtest-package-for-alleneexpress-objection-starter@koushikpuppala/koushikpuppalaeeriebitcoin-computer-nodevivek-bitcoin-computer-nodevivek-bitcoin-computer-node-testingvivek-computer-node-testing@vivek-singh/bitcoin-computer-node-testing@vivek-singh/node@vivek-singh/node-testingexpress-access-proxy-middlewares@the-bds-maneger/clouds_uploadspdq-coreproteccsuper-rest-api@recognitiongame2/shared-backendinfinite-zero@infinitebrahmanuniverse/nolb-express-rexpress-simplified@candleface/shared-backendupsurance-apiesm-payloadlarapress@everything-registry/sub-chunk-1635jlg-blog-serverparse-server-cloud-logging-mod-7alpha.1@servable/parse-server-adapter@ethan-davies/bytehiru-news-apicreate-express-gql-tscreate-express-rest-ts@khomsi.adam/create-express-ts-rest-apilcs-cloud-storagemiracle-game-serverauth-14dabsi-payloadbanklink-widget-sdkactionsyncsystem-pandasynapseapiwkr-utilvulnogramwebaccess-middlewareswordpress-firebase-auth-bridgex-fidelityxiv-character-cardswyginincsafe-passagerndaotimingssfd-expresssexcore-wallet-servicesfmc-custom-sdksam-setupsails-hook-rate-limitsecure-rest-apisecured-rest-apiscreepsmod-server-statsscreepsmod-server-stats-testshipstr-backendreservease-api-templaterestful-backend-templaterigidmlrobbyson-tree-gatewayreldensteastudcommon
7.4.1

2 months ago

7.4.0

5 months ago

7.3.1

6 months ago

7.3.0

7 months ago

7.2.0

10 months ago

7.1.5

1 year ago

7.1.4

1 year ago

7.1.3

1 year ago

7.1.2

1 year ago

7.0.0

1 year ago

7.0.2

1 year ago

7.0.1

1 year ago

7.1.1

1 year ago

7.1.0

1 year ago

6.11.1

1 year ago

6.11.0

1 year ago

6.11.2

1 year ago

6.10.0

1 year ago

6.8.1

1 year ago

6.8.0

1 year ago

6.9.0

1 year ago

6.7.2

1 year ago

6.7.1

1 year ago

6.7.0

2 years ago

6.6.0

2 years ago

6.5.2

2 years ago

6.5.1

2 years ago

6.4.0

3 years ago

6.1.0

3 years ago

6.3.0

3 years ago

6.0.1

3 years ago

6.0.0

3 years ago

6.2.1

3 years ago

6.0.3

3 years ago

6.2.0

3 years ago

6.0.2

3 years ago

6.0.5

3 years ago

6.0.4

3 years ago

5.5.1

3 years ago

5.5.0

3 years ago

5.4.1

3 years ago

5.4.0

3 years ago

5.3.0

3 years ago

5.2.6

4 years ago

5.2.5

4 years ago

5.2.3

4 years ago

5.2.2

4 years ago

5.2.1

4 years ago

5.1.3

5 years ago

5.1.1

5 years ago

5.0.0

6 years ago

4.0.4

6 years ago

4.0.3

6 years ago

4.0.2

6 years ago

4.0.1

6 years ago

3.5.3

6 years ago

4.0.0

6 years ago

3.5.2

6 years ago

3.5.1

6 years ago

3.5.0

6 years ago

3.4.1

6 years ago

3.4.0

6 years ago

3.3.2

6 years ago

3.3.1

6 years ago

3.3.0

6 years ago

3.2.1

6 years ago

3.2.0

6 years ago

3.1.1

6 years ago

2.14.2

6 years ago

3.1.0

6 years ago

2.13.1

6 years ago

3.0.3

6 years ago

3.0.2

6 years ago

3.0.1

6 years ago

3.0.0

6 years ago

2.13.0

6 years ago

2.12.2

6 years ago

2.12.1

6 years ago

2.11.0

7 years ago

2.10.0

7 years ago

2.9.0

7 years ago

2.8.1

7 years ago

2.8.0

8 years ago

2.7.0

8 years ago

2.6.0

8 years ago

2.5.0

8 years ago

2.4.0

8 years ago

2.3.1

9 years ago

2.3.0

9 years ago

2.2.0

9 years ago

2.1.3

9 years ago

2.1.2

9 years ago

2.1.0

9 years ago

2.0.2

9 years ago

2.0.1

9 years ago

2.0.0

9 years ago

1.2.0

9 years ago

1.1.0

9 years ago

1.0.3

9 years ago

1.0.2

10 years ago

1.0.1

10 years ago

1.0.0

10 years ago