Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: support for rate limit whitelist
1 parent 1d789c4, commit 5bd1eac
Showing 2 changed files with 64 additions and 1 deletion.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,30 @@ | ||
# @twentyfourg-express-sdk/rate-limit | ||
|
||
[![Version](https://flat.badgen.net/npm/v/@twentyfourg-express-sdk/rate-limit)](https://github.com/twentyfourg/express-sdk/releases) [![Installs](https://flat.badgen.net/npm/dt/@twentyfourg-express-sdk/rate-limit)](https://www.npmjs.com/package/@twentyfourg-express-sdk/rate-limit) | ||
|
||
Rate limiting middleware. | ||
|
||
```javascript | ||
router.post( | ||
'/auth', | ||
rateLimit({ max: 10, minutes: 1, keys: ['ip', 'body.email'] }), | ||
validator.auth, | ||
userController.auth | ||
); | ||
``` | ||
|
||
| Options | Description | Default | | ||
| ----------------- | --------------------------------------------------------------------------------------------- | -------------------------------------------------------- | | ||
| `minutes` | Time frame in minutes for which requests are checked/remembered. | `1` | | ||
| `max` | The maximum number of connections to allow during the window before rate limiting the client. | `15` | | ||
| `standardHeaders` | Whether to enable support for headers conforming to the ratelimit standardization draft. | `true` | | ||
| `message` | `The response body to send back when a client is rate limited.` | `{ error: 'too many requests, please try again later' }` | | ||
| `keys` | Which properties from the Express Request object to use in the rate limit composite key | `['ip', 'headers["user-agent"]']` | | ||
| `whiteList` | List of IP addresses to whitelist | `SDK_EXPRESS_WHITE_LIST` environment variable | | ||
|
||
## Environment Variables | ||
|
||
| Variable | Description | Default | | ||
| --------------------------------- | ------------------------------------------------------------------------------------ | ------- | | ||
| `SDK_EXPRESS_WHITE_LIST` | String of IP addresses separated by commas to whitelist | `[]` | | ||
| `EXPRESS_SDK_RATE_LIMIT_DISABLED` | Whether to disable rate limiting all together. Helpful for testing/dev environments. | `false` | |
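Review bot: The `whiteList` option row and the `SDK_EXPRESS_WHITE_LIST` row do not say which request value is compared against the list or how it is matched, and for an allowlist that skips rate limiting that is the part operators most need. Please document whether the check uses the same `ip` property that `keys` refers to, whether entries are exact addresses only or may be CIDR ranges, and whether whitespace around the commas is trimmed. If the value is Express's `req.ip`, it depends on the app's `trust proxy` setting, so the README should state that a deployment behind a proxy has to configure it correctly, otherwise a client-supplied `X-Forwarded-For` value could match a listed address. It is also worth stating that the environment variable is the default for every route using the middleware, including the `/auth` example at the top, and whether passing `whiteList` replaces or extends it. Smaller points in the same tables: the default for `SDK_EXPRESS_WHITE_LIST` is given as `[]` although the variable is described as a comma-separated string; the prefix `SDK_EXPRESS_` is inconsistent with `EXPRESS_SDK_RATE_LIMIT_DISABLED` in the next row; and the `message` description is wrapped in backticks as if it were code.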