Gathering detailed insights and metrics for async-ratelimiter
Gathering detailed insights and metrics for async-ratelimiter
Installations
npm install async-ratelimiterDeveloper
microlinkhq
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>= 8
Typescript Support
No
Node Version
20.10.0
NPM Version
10.2.3
Statistics
320 Stars
154 Commits
23 Forks
3 Watching
2 Branches
10 Contributors
Updated on 23 Oct 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
2,508,620
Last day
10.4%
5,653
Compared to previous day
Last week
-1%
26,426
Compared to previous week
Last month
-12.2%
151,180
Compared to previous month
Last year
41.1%
1,009,383
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
Rate limit made simple, easy, async. Based on ratelimiter.
Install
1$ npm install async-ratelimiter --save
Usage
A simple middleware implementation for whatever HTTP server:
1'use strict' 2 3const RateLimiter = require('async-ratelimiter') 4const { getClientIp } = require('request-ip') 5const Redis = require('ioredis') 6 7const rateLimiter = new RateLimiter({ 8 db: new Redis() 9}) 10 11const apiQuota = async (req, res, next) => { 12 const clientIp = getClientIp(req) 13 const limit = await rateLimiter.get({ id: clientIp }) 14 15 if (!res.writableEnded) { 16 res.setHeader('X-Rate-Limit-Limit', limit.total) 17 res.setHeader('X-Rate-Limit-Remaining', Math.max(0, limit.remaining - 1)) 18 res.setHeader('X-Rate-Limit-Reset', limit.reset) 19 } 20 21 return !limit.remaining 22 ? sendFail({ 23 req, 24 res, 25 code: HTTPStatus.TOO_MANY_REQUESTS, 26 message: MESSAGES.RATE_LIMIT_EXCEDEED() 27 }) 28 : next(req, res) 29}
API
constructor(options)
It creates an rate limiter instance.
options
db
Required
Type: object
The redis connection instance.
max
Type: number
Default: 2500
The maximum number of requests within duration.
duration
Type: number
Default: 3600000
How long keep records of requests in milliseconds.
namespace
Type: string
Default: 'limit'
The prefix used for compound the key.
id
Type: string
The identifier to limit against (typically a user id).
You can pass this value using when you use .get method as well.
.get(options)
Given an id, returns a Promise with the status of the limit with the following structure:
total:maxvalue.remaining: number of calls left in currentdurationwithout decreasing currentget.reset: time since epoch in seconds that the rate limiting period will end (or already ended).
options
id
Type: string
Default: this.id
The identifier to limit against (typically a user id).
max
Type: number
Default: this.max
The maximum number of requests within duration. If provided, it overrides the default max value. This is useful for custom limits that differ between IDs.
duration
Type: number
Default: this.max
How long keep records of requests in milliseconds. If provided, it overrides the default duration value.
Related
- express-slow-down – Slow down repeated requests; use as an alternative (or addition) to express-rate-limit.
License
async-ratelimiter © microlink.io, released under the MIT License.
Authored and maintained by Kiko Beats with help from contributors.
microlink.io · GitHub microlink.io · Twitter @microlinkhq
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/23 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/microlinkhq/async-ratelimiter/main.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/microlinkhq/async-ratelimiter/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/microlinkhq/async-ratelimiter/main.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/microlinkhq/async-ratelimiter/main.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/microlinkhq/async-ratelimiter/main.yml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 9 are checked with a SAST tool
Score
3.4
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More