Find Similar Packages for express-rate-limit
Search packages..
1 Year
express-rate-limitSimilar Packages:
NPM Package Downloads Trend
Stat Detail
Package
Downloads
Stars
Size
Issues
Publish
License
express-rate-limit1,256,4772,912117 kB5a month agoMIT
Similar Npm Packages to express-rate-limit

express-rate-limit is a middleware for Express.js that helps to limit repeated requests to public APIs and endpoints. It is particularly useful for preventing abuse and ensuring fair usage of resources by controlling the rate at which clients can make requests. By implementing rate limiting, developers can protect their applications from denial-of-service attacks and reduce the load on their servers.

While express-rate-limit is a popular choice for rate limiting in Express applications, there are several alternatives that offer different features and capabilities. Here are a few notable options:

  • express-brute is a robust rate-limiting middleware for Express.js that provides more advanced features compared to express-rate-limit. It allows you to define complex rate-limiting strategies, including support for different stores (like memory, Redis, etc.) and customizable error messages. If you need a more flexible and powerful solution for rate limiting that can handle various scenarios, express-brute is a great choice.

  • express-slow-down is another middleware for Express.js that focuses on slowing down responses instead of outright blocking requests. This can be particularly useful in situations where you want to deter abusive behavior without completely denying access. By introducing delays for repeated requests, express-slow-down can help mitigate the impact of abusive clients while still allowing them to access the service.

  • rate-limiter-flexible is a flexible and powerful rate-limiting library that can be used with various frameworks, including Express.js. It supports a wide range of features, such as different storage backends (Redis, MongoDB, etc.), dynamic limits based on user roles, and more. If you need a highly configurable rate-limiting solution that can adapt to different requirements, rate-limiter-flexible is an excellent option.

To explore how these packages compare, check out the following link: Comparing express-brute vs express-rate-limit vs express-slow-down vs rate-limiter-flexible.

README for express-rate-limit

express-rate-limit

tests npm version npm downloads license

Basic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Plays nice with express-slow-down and ratelimit-header-parser.

Usage

The full documentation is available on-line.

import { rateLimit } from 'express-rate-limit'

const limiter = rateLimit({
	windowMs: 15 * 60 * 1000, // 15 minutes
	limit: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
	standardHeaders: 'draft-7', // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
	legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
	// store: ... , // Redis, Memcached, etc. See below.
})

// Apply the rate limiting middleware to all requests.
app.use(limiter)

Data Stores

The rate limiter comes with a built-in memory store, and supports a variety of external data stores.

Configuration

All function options may be async. Click the name for additional info and default values.

| Option | Type | Remarks | | -------------------------- | -------------------------------- | ----------------------------------------------------------------------------------------------- | | windowMs | number | How long to remember requests for, in milliseconds. | | limit | number | function | How many requests to allow. | | message | string | json | function | Response to return after limit is reached. | | statusCode | number | HTTP status code after limit is reached (default is 429). | | handler | function | Function to run after limit is reached (overrides message and statusCode settings, if set). | | legacyHeaders | boolean | Enable the X-Rate-Limit header. | | standardHeaders | 'draft-6' | 'draft-7' | Enable the Ratelimit header. | | store | Store | Use a custom store to share hit counts across multiple nodes. | | passOnStoreError | boolean | Allow (true) or block (false, default) traffic if the store becomes unavailable. | | keyGenerator | function | Identify users (defaults to IP address). | | requestPropertyName | string | Add rate limit info to the req object. | | skip | function | Return true to bypass the limiter for the given request. | | skipSuccessfulRequests | boolean | Uncount 1xx/2xx/3xx responses. | | skipFailedRequests | boolean | Uncount 4xx/5xx responses. | | requestWasSuccessful | function | Used by skipSuccessfulRequests and skipFailedRequests. | | validate | boolean | object | Enable or disable built-in validation checks. |

Thank You

Sponsored by Zuplo a fully-managed API Gateway for developers. Add dynamic rate-limiting, authentication and more to any API in minutes. Learn more at zuplo.com

zuplo-logo

Thanks to Mintlify for hosting the documentation at express-rate-limit.mintlify.app

Create your docs today

Finally, thank you to everyone who's contributed to this project in any way! 🫶

Issues and Contributing

If you encounter a bug or want to see something added/changed, please go ahead and open an issue! If you need help with something, feel free to start a discussion!

If you wish to contribute to the library, thanks! First, please read the contributing guide. Then you can pick up any issue and fix/implement it!

License

MIT © Nathan Friedly, Vedant K

Terms & PrivacyProduct HuntJSON to TypeScriptCopilotChat for Web Dev