litespeed-limiter v0.1.1

Litespeed Limiter

A rate limiter plugin for Litespeed that uses Redis as the persistence layer. It will return a 429 Too Many Requests error if the threshold is reached for a client. Requests are based off of the Authorization header, or the client's IP address if the header doesn't exist (this id can be customized, see API).

Headers

RateLimit headers are automatically returned to the response as X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset.

Context

RateLimit values are also passed to the handler context in request.context.limits. Available values are limit, remaining, and reset.

Getting Started

npm install --save redis litespeed-limiter

const limiter = require('litespeed-limiter')
const redis = require('redis')

new Litespeed({
  // ...
  preHandlers: [
    limiter({
      client: redis.createClient(/* redis url */)
    })
  ]
})

API

limiter (config)

• client The Redis connection instance

  Type: object
  Required

• limit The maximum number of requests within duration. This can be a number or a function that returns a promise (useful for user-specific limits). If a function, it gets passed the server request object as a parameter.

  Type: number/function
  Default: 2500

  limit: 5000
  // or
  limit: (request) => {
    return new Promise((resolve, reject) => {
      setTimeout(() => resolve(5000), 1000)
    })
  }

• duration The amount of seconds before count is reset

  Type: number
  Default: 3600 (1 hour)

• id The identifier to limit against

  Type: any
  Default: Authorization header or IP address

• errorMessage The error message to use when the 429 error is generated

  Type: string
  Default: none

License

MIT © Jason Maurer