express-endpoint-spam-protector
v1.0.0
Published
A middleware designed to track and deny endpoint spamming by IP.
Downloads
3
Maintainers
Readme
express-endpoint-spam-protector
express-endpoint-spam-protector is a super lightweight, customizable middleware designed for security in ExpressJS. By configuration, you can block requests if too many are made by the same IP. Because of the nature of middleware, this can be applied to only desired routes, or all routes.
Installation
npm install express-endpoint-spam-protector
Usage
const express = require('express');
const app = express();
const EndpointSpamProtector = require('express-endpoint-spam-protector');
const config = {
minuteInterval: 15, // default value is 15
requestAmountBeforeBan: 50, // default value is 50
rejectionCode: 401 // default value is 401
};
const protector = new EndpointSpamProtector(config);
app.use(protector.protect);
// The map for all requests can be modified directly
// A good use case for this is to clear requests
console.log(protector.accessMap);
Additional configurations
onReject
This executes right before rejection. It expects a function, and if it returns a promise, it will wait for that promise to finish before rejecting.
const config = {
minuteInterval: 15,
requestAmountBeforeBan: 50,
rejectionCode: 401,
onReject: () => console.log('right before rejection')
};
onSuccess
This executes right before succeeding. It expects a function, and if it returns a promise, it will wait for that promise to finish before succeeding and calling next()
.
const config = {
minuteInterval: 15,
requestAmountBeforeBan: 50,
rejectionCode: 401,
onSuccess: () => console.log('right before succeeding')
};
rejectionResponse
Optional response to send when rejecting.
Defaults to "Access denied - too many requests."
additionalLoggedFields
You can add any other fields you want to be logged, that are directly in the req object
Defaults to ['method', 'headers', 'body']
Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.