Skip to content

Commit 21c7a44

Browse files
agbilotia1998agbilotia1998
committed
Adds option to limit requests by IP or number of requests from all IPs
1 parent 957c5df commit 21c7a44

File tree

2 files changed

+24
-7
lines changed

2 files changed

+24
-7
lines changed

.env.sample

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,4 +3,5 @@ BACK_END_URL="http://localhost:3000"
33
PORT="4000"
44
EXPIRE_IN_SECONDS=15
55
REQUEST_LIMIT=99
6+
LIMIT_BY_IP=0
67
REDIS_URL="redis://host.docker.internal:6379"

src/server.js

Lines changed: 23 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -39,27 +39,43 @@ app.use((req, res, next) => {
3939
const expireInSeconds = process.env.EXPIRE_IN_SECONDS || 15;
4040
const requestLimit = process.env.REQUEST_LIMIT || 99;
4141
const delayTimeInSeconds = process.env.DELAY_IN_SECONDS || 0.5;
42+
const limitByIP = process.env.LIMIT_BY_IP || 1;
43+
44+
const redisKeyGenerator = function keyGenerator(req) {
45+
if (parseInt(limitByIP, 10) === 1) {
46+
return req.ip;
47+
}
48+
49+
return 'ALL_IPS';
50+
};
51+
4252
const speedLimiter = slowDown({
53+
keyGenerator: redisKeyGenerator,
4354
store: new RedisStore({
4455
client,
45-
prefix: 'sd: ', // setting prefix to avoid collision between delaying and rate limiting requests
56+
// setting prefix to avoid collision between delaying and rate limiting requests
57+
prefix: 'sd: ',
4658
expiry: expireInSeconds,
4759
}),
48-
windowMs: 1000 * expireInSeconds, // 1 minutes
49-
delayAfter: requestLimit, // allow specified requests per window time
60+
windowMs: 1000 * expireInSeconds,
61+
// allow specified requests per window time
62+
delayAfter: requestLimit,
5063
// begin adding specified delay time per request above maximum limit:
5164
delayMs: 1000 * delayTimeInSeconds,
5265
});
5366

5467
const rateLimiter = new RateLimit({
68+
keyGenerator: redisKeyGenerator,
5569
store: new RedisStore({
5670
client,
57-
prefix: 'rl: ', // setting prefix to avoid collision between delaying and rate limiting requests
71+
// setting prefix to avoid collision between delaying and rate limiting requests
72+
prefix: 'rl: ',
5873
expiry: expireInSeconds,
5974
}),
60-
61-
windowMs: 1000 * expireInSeconds, // setting window size in ms(eg: 2000)
62-
max: requestLimit, // limit each IP to specified requests per windowMs (e.g: 1)
75+
// setting window size in ms(eg: 2000)
76+
windowMs: 1000 * expireInSeconds,
77+
// limit each IP to specified requests per windowMs (e.g: 1)
78+
max: requestLimit,
6379
});
6480

6581
app.use(speedLimiter);

0 commit comments

Comments
 (0)