npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

hono-rate-limiter

v0.4.0

Published

<h1 align="center"> <code>🔥hono-rate-limiter🔥</code> </h1>

Downloads

22,268

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mathuraditya724mathuraditya724

Keywords

honoapimiddlewarerest-apirate-limitingrate-limiterhonojs

Readme

tests npm version npm downloads license

Rate limiting middleware for Hono. Use to limit repeated requests to public APIs and/or endpoints such as password reset.

[!NOTE]
The keyGenerator function needs to be defined for hono-rate-limiter to work properly in your environment. Please ensure that you define the keyGenerator function according to the documentation before using the library.

Installation

# Using npm/yarn/pnpm/bun
npm add hono-rate-limiter

Usage

Rest APIs

import { rateLimiter } from "hono-rate-limiter";

const limiter = rateLimiter({
  windowMs: 15 * 60 * 1000, // 15 minutes
  limit: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
  standardHeaders: "draft-6", // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
  keyGenerator: (c) => "<unique_key>", // Method to generate custom identifiers for clients.
  // store: ... , // Redis, MemoryStore, etc. See below.
});

// Apply the rate limiting middleware to all requests.
app.use(limiter);

WebSocket APIs

import { webSocketLimiter } from "hono-rate-limiter";
import { upgradeWebSocket } from "hono/cloudflare-workers";
import { RedisStore } from "@hono-rate-limiter/redis";
import { Redis } from "@upstash/redis/cloudflare";

const limiter = webSocketLimiter({
  windowMs: 15 * 60 * 1000, // 15 minutes
  limit: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
  keyGenerator: (c) => "<unique_key>", // Method to generate custom identifiers for clients.
  store: new RedisStore({ client }), // Define your DataStore. See below.
});

// Apply the rate limiting middleware to ws requests.
app.get(
  "/",
  upgradeWebSocket(
    limiter((c) => {
      return {
        onOpen: () => {
          console.log("Connection opened");
        },
        async onMessage(event, ws) {
          console.log(`Message from client: ${event.data}`);
          ws.send("Hello from server!");
        },
        onClose: () => {
          console.log("Connection closed");
        },
      };
    })
  )
);

Data Stores

hono-rate-limiter supports external data stores to synchronize hit counts across multiple processes and servers.

By default, MemoryStore is used. This one does not synchronize its state across instances. It’s simple to deploy, and often sufficient for basic abuse prevention, but will be inconnsistent across reboots or in deployments with multiple process or servers.

Deployments requiring more consistently enforced rate limits should use an external store.

Here is a list of stores:

| Name | Description | | ------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | MemoryStore | (default) Simple in-memory option. Does not share state when the app has multiple processes or servers. | | @hono-rate-limiter/redis | A Redis-backed store, used with @vercel/kv and @upstash/redis | | @hono-rate-limiter/cloudflare | A Cloudflare-backed store, used with WorkersKV and Workers Rate Limiting API | | rate-limit-redis | A Redis-backed store, more suitable for large or demanding deployments. | | rate-limit-postgresql | A PostgreSQL-backed store. | | rate-limit-memcached | A Memcached-backed store. | | cluster-memory-store | A memory-store wrapper that shares state across all processes on a single server via the node:cluster module. Does not share state across multiple servers. | | precise-memory-rate-limit | A memory store similar to the built-in one, except that it stores a distinct timestamp for each key. | | typeorm-rate-limit-store | Supports a variety of databases via TypeORM: MySQL, MariaDB, CockroachDB, SQLite, Microsoft SQL Server, Oracle, SAP Hana, and more. | | @rlimit/storage | A distributed rlimit store, ideal for multi-regional deployments. |

Take a look at this guide if you wish to create your own store.

Notes

  • The keyGenerator function determines what to limit a request on, it should represent a unique characteristic of a user or class of user that you wish to rate limit. Good choices include API keys in Authorization headers, URL paths or routes, specific query parameters used by your application, and/or user IDs.
  • It is not recommended to use IP addresses (since these can be shared by many users in many valid cases) or locations (the same), as you may find yourself unintentionally rate limiting a wider group of users than you intended.

Contributing

We would love to have more contributors involved!

To get started, please read our Contributing Guide.

Credits

The hono-rate-limiter project is heavily inspired by express-rate-limit