npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

express-rate-limit

v7.4.1

Published

Basic IP rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset.

Downloads

5,547,528

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

nfriedlynfriedlygamemaker1gamemaker1

Keywords

express-rate-limitexpressratelimitratelimitrate-limitmiddlewareipauthauthorizationsecuritybruteforcebruteforcebrute-forceattack

Readme

tests npm version npm downloads license

Basic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Plays nice with express-slow-down and ratelimit-header-parser.

Usage

The full documentation is available on-line.

import { rateLimit } from 'express-rate-limit'

const limiter = rateLimit({
	windowMs: 15 * 60 * 1000, // 15 minutes
	limit: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
	standardHeaders: 'draft-7', // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
	legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
	// store: ... , // Redis, Memcached, etc. See below.
})

// Apply the rate limiting middleware to all requests.
app.use(limiter)

Data Stores

The rate limiter comes with a built-in memory store, and supports a variety of external data stores.

Configuration

All function options may be async. Click the name for additional info and default values.

| Option | Type | Remarks | | -------------------------- | -------------------------------- | ----------------------------------------------------------------------------------------------- | | windowMs | number | How long to remember requests for, in milliseconds. | | limit | number | function | How many requests to allow. | | message | string | json | function | Response to return after limit is reached. | | statusCode | number | HTTP status code after limit is reached (default is 429). | | handler | function | Function to run after limit is reached (overrides message and statusCode settings, if set). | | legacyHeaders | boolean | Enable the X-Rate-Limit header. | | standardHeaders | 'draft-6' | 'draft-7' | Enable the Ratelimit header. | | store | Store | Use a custom store to share hit counts across multiple nodes. | | passOnStoreError | boolean | Allow (true) or block (false, default) traffic if the store becomes unavailable. | | keyGenerator | function | Identify users (defaults to IP address). | | requestPropertyName | string | Add rate limit info to the req object. | | skip | function | Return true to bypass the limiter for the given request. | | skipSuccessfulRequests | boolean | Uncount 1xx/2xx/3xx responses. | | skipFailedRequests | boolean | Uncount 4xx/5xx responses. | | requestWasSuccessful | function | Used by skipSuccessfulRequests and skipFailedRequests. | | validate | boolean | object | Enable or disable built-in validation checks. |

Thank You

Sponsored by Zuplo a fully-managed API Gateway for developers. Add dynamic rate-limiting, authentication and more to any API in minutes. Learn more at zuplo.com

Thanks to Mintlify for hosting the documentation at express-rate-limit.mintlify.app

Finally, thank you to everyone who's contributed to this project in any way! 🫶

Issues and Contributing

If you encounter a bug or want to see something added/changed, please go ahead and open an issue! If you need help with something, feel free to start a discussion!

If you wish to contribute to the library, thanks! First, please read the contributing guide. Then you can pick up any issue and fix/implement it!

License

MIT © Nathan Friedly, Vedant K