@tinyhttp/rate-limit

npm (scoped) npm

Basic rate-limiting middleware for tinyhttp. Used to limit repeated requests to public APIs and/or endpoints such as password reset.

Install

pnpm i @tinyhttp/rate-limit

Usage

import { App } from '@tinyhttp/app'
import { rateLimit } from '@tinyhttp/rate-limit'

const app = new App()

const routeRateLimit = rateLimit({
  max: 10,
  windowMs: 60 * 1000, // 1 minute
})

app.get('limited-route', routeRateLimit, (_, res) => res.send('Limited route'))

Options

Name Type Default Description
windowMs number 5000 Timeframe for which requests are checked/remembered.
max number | ((req: Request, res: Response) => Promise) 5 Max number of connections during windowMs before sending a 429 response.
message string Too many requests, please try again later. Error message sent to user when max is exceeded.
statusCode number 249 HTTP status code returned when max is exceeded.
skipFailedRequests boolean false When set to true, failed requests won't be counted.
skipSuccessfulRequests boolean false When set to true successful requests (response status < 400) won't be counted.
keyGenerator (req: Request, res: Response) => string (req) => req.ip Function used to generate keys.
shouldSkip (req: Request, res: Response) => boolean () => false Determine per request if it should be skipped by the middleware
onLimitReached onLimitReached: (req: Request, res: Response) => void () => {} Function that is called the first time a user hits the rate limit within a given window.
store Store MemoryStore By default a MemoryStore is used. Rate Limit Redis, Rate Limit Memcached and Rate Limit Mongo can be used too.

Alternatives

License

MIT © Luiginator

Install

pnpm i @tinyhttp/rate-limit

Version

0.5.5

Source

packages/rate-limit