Express.js request rate limit middleware by IP with MemoryStore
Install with npm
$ npm install express-better-ratelimit
$ npm test
This package follows ferver
Please read history.md for more info!
message_429
deprecated >=v1.1.x, instead use accessLimited
message_403
deprecated >=v1.1.x, instead use accessForbidden
Some demo example which is exactly
example.js
var express = require('express');
var limit = require('./index');
var app = express();
app.use(limit({
duration: 30000, //30 seconds
max: 5
//blackList: ['127.0.0.1']
}));
app.use(function helloWorld(req, res, next) {
res.set('Content-Type', 'text/plain');
res.status(200).send('Hello world');
next();
});
var port = process.env.PORT || 3333;
app.listen(port);
console.log('Express server start listening on port %s', port);
console.log('Type few times: curl -i http://localhost:%s', port);
With options through init you can control black/white lists, limit per ip and reset interval.
[options]
{Object}
duration
{Integer} Limit duration in milliseconds, default 1000 * 60 * 60 * 1
(1 hour)whiteList
{Array} All ips that won't be limited, default empty array
blackList
{Array} All ips that always be limited and 403, default empty array
accessLimited
{String} Message for all requests after limit, default 429: Too Many Requests.
accessForbidden
{String} Message for limited/forbidden, default 403: This is forbidden area for you.
max
{Integer} Max requests per ip, default 500
env
{Boolean} Manage enviroment, for tests will use x-koaip
header, default null
return
{Function}Copyright (c) 2014 Charlike Make Reagent, contributors.
Released under the MIT
license.