Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add rate limiting #81

ekryski opened this Issue Feb 25, 2016 · 4 comments


None yet
4 participants
Copy link

ekryski commented Feb 25, 2016

It would be a good idea to have rate limiting on auth routes by default. Currently I'm using in


This comment has been minimized.

Copy link
Member Author

ekryski commented Mar 12, 2016

Since infrastructure is pretty custom and there are various ways you can do rate limiting (a proxy like nginx, app level, feathers service level, etc.) i don't think this should be baked into the core plugin. It should be left up to the user to do outside of the plugin in order to maintain flexibility.

For example, you can add rate limiting to the auth service out side of the plugin.

const limiter = require('express-rate-limit');
// Set up rate limiting the individual services with independent options.
app.use('/auth/local', limiter());
app.use('/auth/token', limiter());

@ekryski ekryski closed this Mar 12, 2016


This comment has been minimized.

Copy link

elfey commented Mar 3, 2017

Does express-rate-limit cover sockets as well? I'd assume this is exposed only to REST calls.


This comment has been minimized.

Copy link

marshallswain commented Mar 3, 2017

@elfey I'm interested in collaborating on a plugin based on unless you have something better in mind.


This comment has been minimized.

Copy link

TimNZ commented Feb 8, 2018

Someone had a stab, simple hook around fast-ratelimit

Realistically any real world rate limiting solution needs to work across servers/instances, at the edge, with the load balancers.

This is where API gateways solutions are handy, with deep packet inspection and rules.

AWS and co will devour everything eventually.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.