Flood protection for realtime applications
Purpose of this library is to have control on receiving data packages. It allows you to drop data packages (e.g. messages) if they arrive too quickly. As an example you may want to use it to prevent spam messages in chat rooms or to limit number of requests to your http/express server.
- I basically rewrote the python solution which was stated here for my own needs in javascript: https://stackoverflow.com/a/668327/1417536.
- This library uses Token Bucket Algorithm.
npm install --save flood-protection
import FloodProtection from 'flood-protection';
const floodProtection = new FloodProtection({
rate: 5,
// default: 5, unit: messages
// IMPORTANT: rate must be >= 1 (greater than or equal to 1)
per: 8,
// default: 8, unit: seconds
});import FloodProtection from 'flood-protection';
// ...
// io is a Socket.io instance...
io.on('connection', (client) => {
client.emit('connected');
const floodProtection = new FloodProtection();
client.on('message', (text) => {
if (floodProtection.check()) {
// forward message
io.emit('message', text);
} else {
// forbid message
client.emit('flood', {
text: 'Take it easy!',
});
}
});
});As always, I'm open to any contribution and would like to hear your feedback.
If you are planning to contribute to any open source project, before starting development, please always open an issue and make a proposal first. This will save you from working on features that are eventually going to be rejected for some reason.
MIT (c) 2017 Mehmet Yatkı