Skip to content

socketstream/prism-rate-limiter

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Rate Limiter for Prism Realtime Server

This very basic rate limiter prevents malicious users from flooding the server with multiple requests per second - something that's easy to do on the client if you use a while loop in the JS console.

For now this module mostly serves as an example of how to create Prism request middleware.

Example Usage

// in your server config
server.use(require('prism-rate-limiter')({maxRequestsPerSecond: 12})); // default = 8

How it works

The middleware counts each incoming request for every socketId. Normally requests are just passed through, however if the client has exceeded its allocation, we send a warning (visible in the browser's console) and drop the message.

The warning will only be sent once. All subsequent requests will be silently dropped.

The request counter is reset every second.

TODO

  • Add an option to drop all future traffic from an offending client
  • Add ability to whitelist hosts

Tests

mocha

License

MIT

About

Example of Request Middleware for Prism Server

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published