How do I rate-limit some but not all endpoints?

ded / express-limiter

Rate limiting middleware for Express

MIT License

423 stars 54 forks source link

How do I rate-limit some but not all endpoints? #25

Open vgoklani opened 8 years ago

vgoklani commented 8 years ago

Hi - Thank you for taking the time to create this!

How do I protect multiple endpoints in express?

const rateLimiter = RateLimiter(app, app.locals.redisClient0);
rateLimiter({
    path: '/api/fetch',
    method: 'post',
    lookup: 'headers.x-forwarded-for',
    total: 120,
    expire: 1000 * 60 * 60
});

It seems like the path is a string, not an array. Please let me know - thanks!

vitorcamachoo commented 8 years ago

https://github.com/ded/express-limiter#as-direct-middleware

eljefedelrodeodeljefe commented 6 years ago

Is doing this in the whitelist option with the request object an alternative? Asking because I absolutely want to avoid hitting the storage backend on maintenance and high frequency routes. Those are very small in number all others endpoints are not, which makes direct middleware unfeasible.

eljefedelrodeodeljefe commented 6 years ago

Just check the code: it is.