npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

nodal-middleware-ratelimit

v0.3.0

Published

A simplicitc rate limiting middleware for Nodal

Downloads

14

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

intabulasintabulas

Keywords

nodejsnodalmiddlewareratelimitthrottle

Readme

Nodal Rate Limit Middleware

This is a middleware package for Nodal that performs basic rate-limiting on public endpoints. This is meant to be a functional example how how to write middleware for nodal and package as an npm module. Thus this is intentionally a very rudimentary and simplistic piece of middleware and my wish it others will build more advanced rate limiters.

DO NOT USE THIS YET

This module, while totally functional, has hardcoded options. Until PR #149 on the main Nodal repo is merged. The module currently allows 100 connections per minute per ip. Localhost (::1 in Nodal) is also intentionally not excluded to allow for testing.

Install

$ npm install --save nodal-middleware-ratelimit

Useage

In your app/app.js you first need to require the module

const RateLimitMiddleware = require('nodal-middleware-ratelimit');

Then simply use it

this.middleware.use(RateLimitMiddleware)

Whola your aapp is now being rate limited!.

Configuring

If you want to override the default rate limiting options, you can pass configuration options when you use() your middleware. For example if you wnat to limit requests to 50 per every 5 minutes and allow local requests to excluded from limiting, you would do the following.

this.middleware.use(RateLimitMiddleware, { max: 50, timeWindow: 300 * 100, exclude: ['::1'] })

| Optiona | Description | Default | | ------------- | ----------- | ----------- | | timeWindow | Time window for rate limiting in milliseconds| 60000 (1 miniute) | | max | Maximum number of requests in the rate limiting window | 100 requests | | message | Message to send back when rate limit exceeded | Too many requests, please try again later | | includeHeaders | Set X-RateLimit-Limit, X-Rate-Limit-Reset & X-RateLimit-Remaining headers | true| | exclude | Array of IPs that are excluded from rate limiting | [] | | enforce | Array of route prefix's to limit the application of limiting to routes | [] |

Apply Rate Limiting to specific routes

Nodal currently doesn't allow middleware/renderware to be scoped to a route, thus rate limiting is applied over all your routes by default. This mens that if your building a Nodal application with both API and UI routes, it will limit your UI endpoints as well. To control the behavior you can send an optional enforce option that is an array of route prefixes to limit the rate limiting to. For example to limit it to only routes starting with /v1

this.middleware.use(RateLimitMiddleware, { enforce: [ '/v1/' ] })

Headers

This middleware can optionally (and by default doest) set the following X- headers

| Name | Description | | ------------- | ----------- | | X-RateLimit-Limit | Request limit per minute| | X-RateLimit-Remaining | The number of requests left for the time window| | X-Rate-Limit-Reset | Timestamp of when the limit will be reset |

Error Messages

When the limit is reach, the middleware will return a HTTP Too Many Request (429) response and the body will be a JSON document. The error key in the document will look like the following

{
  "error":{
    "message": "Too many requests, please try again later.",
    "details": {
      "host": "::1",
      "maximum": 20,
      "requests": 22,
      "resets":" 2016-01-27T03:58:48.072Z"
    }
  }
}