const { RateLimiterMemory } = require('rate-limiter-flexible');
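/**
 * Reads a positive integer from an environment variable.
 *
 * Unset, non-numeric, zero and negative values all yield `fallback`, so a
 * typo in the environment cannot produce a limiter that rejects every
 * request (negative points) or one with a nonsensical window.
 *
 * @param {string} name - Environment variable to read.
 * @param {number} fallback - Value used when the variable is unusable.
 * @returns {number} The parsed positive integer, or `fallback`.
 */
const positiveIntFromEnv = (name, fallback) => {
  const parsed = Number.parseInt(process.env[name], 10);
  return Number.isInteger(parsed) && parsed > 0 ? parsed : fallback;
};

// Counters live in this process's memory: they reset on restart and are not
// shared between workers or instances, so the effective limit scales with the
// number of processes serving traffic.
const rateLimiter = new RateLimiterMemory({
  keyPrefix: 'middleware',
  points: positiveIntFromEnv('RATE_LIMIT_MAX_REQUESTS', 100),
  // NOTE(review): rate-limiter-flexible takes `duration` in SECONDS, but the
  // variable is named *_MS. A value written in milliseconds (e.g. 900000 for
  // 15 minutes) would produce a window of 900000 seconds. Confirm which unit
  // deployments actually set before renaming the variable or converting here.
  duration: positiveIntFromEnv('RATE_LIMIT_WINDOW_MS', 900), // default: 900 s = 15 minutes
});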
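/**
 * Express middleware that charges one point per request against the
 * module-level limiter, keyed by the client address in `req.ip`.
 *
 * When the key's budget is exhausted the request is answered with HTTP 429,
 * a `Retry-After` header and a JSON body. Any other failure is passed to the
 * Express error handler instead of being reported as a rate-limit hit.
 *
 * NOTE(review): `req.ip` depends on the app's `trust proxy` setting, which
 * this file does not show. Behind a reverse proxy with it unset, every client
 * shares the proxy's address and therefore one bucket; with it set too
 * broadly, the key is derived from a client-supplied `X-Forwarded-For` value
 * and the limit no longer binds. Confirm the setting matches the deployment.
 *
 * @param {object} req - Express request; only `req.ip` is read.
 * @param {object} res - Express response, used for the 429 reply.
 * @param {Function} next - Express continuation callback.
 * @returns {Promise<void>}
 */
const rateLimiterMiddleware = async (req, res, next) => {
  try {
    await rateLimiter.consume(req.ip);
  } catch (rejection) {
    // The limiter rejects with a result object when the budget is spent and
    // with an Error for anything else; only the former is a 429.
    if (rejection instanceof Error) {
      next(rejection);
      return;
    }

    // Round up so the advertised wait is never shorter than the real one.
    const secs = Math.ceil(rejection.msBeforeNext / 1000) || 1;
    res.set('Retry-After', String(secs));
    res.status(429).json({
      error: 'Too Many Requests',
      retryAfter: secs,
    });
    return;
  }

  // Called outside the try block so that an exception raised further down
  // the chain is not caught here and mislabelled as "Too Many Requests".
  next();
};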
// CommonJS export: the middleware function is this module's only export.
module.exports = rateLimiterMiddleware;