You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Dustin Diaz
b4c909de6e
|
11 years ago | |
|---|---|---|
| tests | 11 years ago | |
| .gitignore | 11 years ago | |
| LICENSE | 11 years ago | |
| Makefile | 11 years ago | |
| README.md | 11 years ago | |
| index.js | 11 years ago | |
| package.json | 11 years ago | |
README.md
Express rate-limitter
Rate limiting middleware for Express applications built on redis
var express = require('express')
var app = express()
var client = require('redis').createClient()
var limitter = require('rate-limitter')(app, client)
limitter({
path: '/api/action',
method: 'get',
lookup: ['connection.remoteAddress'],
// 150 requests per hour
total: 150,
expire: 1000 * 60 * 60
})
app.get('/api/action', function (req, res) {
res.send(200, 'ok')
})
API options
limiter(options)
path: route path to the requestmethod: http method. acceptsget,post,put,delete, and of course Express'alllookup: value lookup on the request object. Can be a single value or array. See examples for common usagestotal: allowed number of requests before getting rate limitedexpire: amount of time inmsbefore the rate-limited is reset
Examples
// limit by IP address
limitter({
lookup: 'connection.remoteAddress'
})
// or if you are behind a trusted proxy (like nginx)
limiter({
lookup: 'headers.x-forwarded-for'
})
// by user (assuming a user is logged in with a valid id)
limiter({
lookup: 'user.id'
})
// limit your entire app
limiter({
path: '*',
method: 'all',
lookup: 'connection.remoteAddress'
})
// limit users on same IP
limiter({
path: '*',
method: 'all',
lookup: ['user.id', 'connection.remoteAddress']
})
License MIT
Happy Rate Limitting!