npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

connect-ratelimit

v0.0.7

Published

connect middleware for ratelimiting clients

Downloads

1,899

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dharmaflydharmafly

Keywords

connectmiddlewareiplimitthrottlebandwidth

Readme

connect-ratelimit

var limiter = require('connect-ratelimit');

app = connect()
      .use(limiter({
        whitelist: ['127.0.0.1'],
        blacklist: ['example.com']
      }))
      .use(function (req, res) {
        res.end('Hello world!');
      });

connect-ratelimit is connect middleware for limiting the number of requests per client ip/hostname to your node server.

When a limit is reached the middleware will cancel the middleware chain early with res.end('Rate limit exceeded.') or you can optionally check for a limit exceeding yourself elsewhere down the chain.

About

Categories

Categories serve as templates to manage different types of connecting clients. By default all clients are categorized as 'normal' but whitelist and blacklist categories also exist.

normal

By default anyone uncategorized will be subject to 500 requests per hour.

whitelist

By default client names in the whitelist will be subject to 4000 requests per hour.

blacklist

By default client names in the blacklist will be subject to 0 requests per 0 time. In other words they will always be exceding the rate limit.

Client identification

connect-ratelimit uses the following code to identify clients:

req.headers['x-forwarded-for'] || req.connection.remoteAddress

Usage

var limiter = require('connect-ratelimit');

The middleware takes an options object with the following parameters:

  • whitelist: An array of strings representing clients you wish to apply to the whitelist category. eg. ['127.0.0.1'] for local development.
  • blacklist: An array of strings representing clients you wish to apply to the blacklist category.
  • end: A boolean when set to false (default true) the connect chain will continue even if a client has exceeded the ratelimit. The response object is augmented with the ratelimit namespace. response.ratelimit exposes an object which contains the various details about the client including if they have past their limit as well as all other recorded clients. This is useful if you wish to supply your own error response to the client or any other logic.
  • categories: An object representing the various total requests per time for each category type. See below.

Configuring the different categories

The categories property of the options object for the connect-limiter allows you to specify different totalRequests and every for specific categories.

A fully configured value of the categories property could like this:

{
  whitelist: {
    totalRequests: 5000,
    every:         60 * 60 * 1000
  },
  blacklist: {
    totalRequests: 0,
    every:         0 
  },
  normal: {
    totalRequests: 5,
    every:         60 * 60 * 1000
  }
}

Set totalRequests to 0 is how to block requests from under category entirely.

Below is how you can switch from an hourly rate to a half-hourly rate for all categories but blacklist.

.use(limiter({
  whitelist: ['dharmafly.com'],
  categories: {
    normal: {
      every: (60 * 60 * 1000) / 2
    },
    whitelist: {
      every: (60 * 60 * 1000) / 2
    }
  }
}))

You don't need to set every category, just the properties you want to change.

Example

connect is required for the example to run.

npm install connect

To play with the example app run the command below and navigate to localhost:4000

node example.js