Add rate limiter

2025-02-21 22:23:31 -05:00
parent ad62814d82
commit 5bc1edb749
3 changed files with 32 additions and 0 deletions
--- a/index.js
+++ b/index.js
@@ -21,6 +21,15 @@ app.use(bodyParser.urlencoded({ extended: true }));
 // -- Parse cookies
 const cookieParser = require('cookie-parser');
 app.use(cookieParser());
+// -- Rate limiting
+const { rateLimit } = require('express-rate-limit')
+const limiter = rateLimit({
+	windowMs: 10 * 60 * 1000, // 15 minutes
+	limit: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
+	standardHeaders: 'draft-8', // draft-6: `RateLimit-*` headers; draft-7 & draft-8: combined `RateLimit` header
+	legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
+	// store: ... , // Redis, Memcached, etc. See below.
+})

 // Authentication
 const { signup, login, logout, resetPassword } = require('./auth/authEmail.js');
--- a/package-lock.json
+++ b/package-lock.json
@@ -18,6 +18,7 @@
        "dotenv": "^8.2.0",
        "expo-server-sdk": "^3.6.0",
        "express": "^4.17.1",
+        "express-rate-limit": "^7.5.0",
        "mongodb": "^3.6.3",
        "nodemailer": "^6.6.3",
        "object-hash": "^3.0.0",
@@ -1277,6 +1278,21 @@
        "node": ">= 0.10.0"
      }
    },
+    "node_modules/express-rate-limit": {
+      "version": "7.5.0",
+      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.5.0.tgz",
+      "integrity": "sha512-eB5zbQh5h+VenMPM3fh+nw1YExi5nMr6HUCR62ELSP11huvxm/Uir1H1QEyTkk5QX6A58pX6NmaTMceKZ0Eodg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 16"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/express-rate-limit"
+      },
+      "peerDependencies": {
+        "express": "^4.11 || 5 || ^5.0.0-beta.1"
+      }
+    },
    "node_modules/fast-safe-stringify": {
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/fast-safe-stringify/-/fast-safe-stringify-2.1.1.tgz",
@@ -4560,6 +4576,12 @@
        "vary": "~1.1.2"
      }
    },
+    "express-rate-limit": {
+      "version": "7.5.0",
+      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.5.0.tgz",
+      "integrity": "sha512-eB5zbQh5h+VenMPM3fh+nw1YExi5nMr6HUCR62ELSP11huvxm/Uir1H1QEyTkk5QX6A58pX6NmaTMceKZ0Eodg==",
+      "requires": {}
+    },
    "fast-safe-stringify": {
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/fast-safe-stringify/-/fast-safe-stringify-2.1.1.tgz",
--- a/package.json
+++ b/package.json
@@ -22,6 +22,7 @@
    "dotenv": "^8.2.0",
    "expo-server-sdk": "^3.6.0",
    "express": "^4.17.1",
+    "express-rate-limit": "^7.5.0",
    "mongodb": "^3.6.3",
    "nodemailer": "^6.6.3",
    "object-hash": "^3.0.0",