Sliding window rate limiter with Redis 3.2 backend or in-memory backend.
This module requires ES6 with Node >= 6.
Redis >= 3.2.0 is required for Redis backend.
npm install sliding-window-rate-limiterAdditionally for Typescript:
npm install -D @types/node @types/ioredisconst SlidingWindowRateLimiter = require('sliding-window-rate-limiter')Typescript:
import * as SlidingWindowRateLimiter from 'sliding-window-rate-limiter'const limiter = SlidingWindowRateLimiter.createLimiter(options)Options:
intervalis a number of seconds in a sliding windowredisis an instance ofioredisor URL string to Redis server (only for Redis backend)safe:true(only for SafeRedis backend)reuseRedisAfteris a time (milliseconds) to reconnect to Redis server after connection failure (only for SafeRedis backend, default value: 2000 milliseconds)defaultResponseis a number value returned when Redis server is not available (only for SafeRedis backend, default value: 0)
If redis parameter is a string then new ioredis object is created with
retryStrategy set to 1 seconds and maxRetriesPerRequest set to 1.
Example:
const limiter = SlidingWindowRateLimiter.createLimiter({
interval: 60
})or
const limiter = SlidingWindowRateLimiter.createLimiter({
interval: 60,
redis: new Redis({
host: 'redis-server',
retryStrategy: (_times) => 1000,
maxRetriesPerRequest: 1
}),
safe: true
})const usage = await limiter.check(key, limit)or
limiter.check(key, limit, (err, usage) => {})Checks current usage for key. If usage is above limit, it returns a negative
number with current usage. Throws an error if has occurred.
const ts = await limiter.reserve(key, limit)or
limiter.reserve(key, limit, (err, ts) => {})Makes a reservation and returns reserved timestamp as ts. Returns a negative
number with current usage if the reservation can't be done because of limit.
Throws an error if has occurred.
const canceled = await limiter.cancel(key, ts)or
limiter.cancel(key, (err, canceled) => {})Cancels a reservation for timestamp ts and returns number of canceled
timestamps. It is a zero if no timestamp previously was reserved or it was
expired.
limiter.destroy()Frees resources used by limiter (timers and Redis connection if was created by limiter itself).
If reserve or usage methods returns an error:
ERR Error running script (call to f_8ff6a0f745b738fe1d9fa74079c4c13d032e9947): @user_script:1: user_script:1: attempt to call field \'replicate_commands\' (a nil value)then check if Redis has proper version (>= 3.2.0).
This backend holds all data in memory.
This backend requires Redis 3.2 to work. Main advantage is that the state of limiter can be shared between many clients.
There is extended version of limiter, which behaves gracefully, when Redis
server is unavailable for any reason. In case of Redis connection failure,
SafeRedis backend will always return positive response (defaultResponse
value), and will try to use again the Redis server after reuseRedisAfter.
Minified script is sent to Redis server by default. Full script can be sent
instead when DEBUG_LUA environment variable is set.
Copyright (c) 2017-2018 Piotr Roszatycki piotr.roszatycki@gmail.com
Based on Lua script from https://github.com/3hedgehogs/inredis-ratelimiter
Copyright (c) 2017 Serguei Poliakov serguei.poliakov@gmail.com
Inspired by ClassDojo blog note
https://engineering.classdojo.com/blog/2015/02/06/rolling-rate-limiter/ and
rolling-rate-limiter
module.