commit d8e9106a40fe6983c64cf4bcca1ac30e3736d39a Author: sumit Date: Thu Sep 26 16:53:48 2024 +0530 initial commit with tested code diff --git a/README.md b/README.md new file mode 100644 index 0000000..795d067 --- /dev/null +++ b/README.md @@ -0,0 +1,117 @@ +# Rate Limiter + +A customizable rate-limiting and throttling middleware for Node.js applications. It allows you to limit the number of requests a client can make to your server within a specified time window. + +## Features + +- Flexible request limiting based on time windows. +- Easily configurable for IP-based or user-based rate limiting. +- Simple integration as middleware in Node.js apps (e.g., with Express). +- Supports both **rate limiting** and **throttling**. + +## Installation + +You can install the package via npm: + +```bash +npm install rate-limiter +``` + +## Usage + +### Basic Usage + +The package can be used as middleware in your Node.js/Express applications to limit requests. Here's an example to allow **10 requests per second**. + +```javascript +const express = require('express'); +const rateLimiter = require('rate-limiter'); + +const app = express(); + +// Apply rate limiter middleware +app.use(rateLimiter({ + windowMs: 1000, // 1 second + maxRequests: 10 // Limit each client to 10 requests per windowMs +})); + +app.get('/', (req, res) => { + res.send('Hello, world!'); +}); + +app.listen(3000, () => { + console.log('Server is running on port 3000'); +}); +``` + +### Options + +The `rateLimiter` function accepts an options object to configure the behavior: + +- **`windowMs`**: The time frame (in milliseconds) to allow `maxRequests`. For example, `1000` will enforce the limit per second. +- **`maxRequests`**: The maximum number of requests allowed during the `windowMs` period. + +### Example: 100 Requests per 15 Minutes + +```javascript +app.use(rateLimiter({ + windowMs: 15 * 60 * 1000, // 15 minutes + maxRequests: 100 // Limit each client to 100 requests per windowMs +})); +``` + +## Advanced Features + +### IP-Based Limiting + +By default, the middleware identifies clients by their IP address (`req.ip` in Express). This ensures that requests from each client IP are tracked separately. + +### User-Based Limiting + +You can also implement user-based rate limiting by passing a user identifier (such as an API key or user ID) to the rate limiter. + +```javascript +app.use((req, res, next) => { + const clientId = req.user.id; // Assuming you have user authentication + rateLimiter({ + windowMs: 60000, // 1 minute + maxRequests: 30 // Limit to 30 requests per minute per user + })(req, res, next); +}); +``` + +## Development + +If you'd like to contribute or modify the package, you can clone the repository and run it locally: + +```bash +git clone https://github.com/yourusername/rate-limiter.git +cd rate-limiter +npm install +``` + +### Testing Locally + +To run the Express example: + +1. Create a file `app.js` as shown in the example above. +2. Run the server: + +```bash +node app.js +``` + +## Contributing + +Contributions are welcome! Please open issues and submit pull requests on GitHub if you'd like to improve the package. + +## Issues + +If you encounter any problems or have any questions, feel free to open an issue on GitHub. + +## Links + +- **GitHub**: [https://github.com/yourusername/rate-limiter](https://github.com/yourusername/rate-limiter) +- **NPM**: [https://www.npmjs.com/package/rate-limiter](https://www.npmjs.com/package/rate-limiter) + +--- diff --git a/index.js b/index.js new file mode 100755 index 0000000..c57c527 --- /dev/null +++ b/index.js @@ -0,0 +1,24 @@ +// index.js +const RateLimiter = require('./lib/rateLimiter'); + +// Middleware wrapper for Express.js or any other Node.js framework +const rateLimiterMiddleware = (options) => { + const limiter = new RateLimiter(options); + + return (req, res, next) => { + const clientId = req.ip; // Use IP-based rate limiting + const result = limiter.handleRequest(clientId); + + if (!result.allowed) { + return res.status(429).json({ + message: 'Too many requests. Please try again later.', + retryAfter: result.remainingTime / 1000, // Retry after (seconds) + }); + } + + // If allowed, proceed to the next middleware or route handler + next(); + }; +}; + +module.exports = rateLimiterMiddleware; diff --git a/lib/rateLimiter.js b/lib/rateLimiter.js new file mode 100755 index 0000000..1689a1d --- /dev/null +++ b/lib/rateLimiter.js @@ -0,0 +1,50 @@ +// lib/rateLimiter.js + +class RateLimiter { + constructor({ windowMs, maxRequests }) { + // windowMs is the time window in milliseconds (e.g., 15 minutes = 15 * 60 * 1000) + this.windowMs = windowMs; + // maxRequests is the number of allowed requests in the given window + this.maxRequests = maxRequests; + // in-memory store to keep track of requests per client + this.clients = new Map(); + } + + // Function to handle a request + handleRequest(clientId) { + const currentTime = Date.now(); + + // Check if the client has made requests in the current window + if (this.clients.has(clientId)) { + const clientData = this.clients.get(clientId); + const { requestCount, startTime } = clientData; + + // If the current time is within the window, check the request count + if (currentTime - startTime < this.windowMs) { + if (requestCount >= this.maxRequests) { + return { allowed: false, remainingTime: (startTime + this.windowMs - currentTime) }; + } + // If not exceeding the maxRequests, increment the count + clientData.requestCount += 1; + this.clients.set(clientId, clientData); + return { allowed: true, remainingRequests: this.maxRequests - clientData.requestCount }; + } + } + + // Reset or start a new window for the client + this.clients.set(clientId, { requestCount: 1, startTime: currentTime }); + return { allowed: true, remainingRequests: this.maxRequests - 1 }; + } + + // Function to clear expired clients from the store (optional for memory optimization) + clearExpiredClients() { + const currentTime = Date.now(); + this.clients.forEach((clientData, clientId) => { + if (currentTime - clientData.startTime > this.windowMs) { + this.clients.delete(clientId); + } + }); + } +} + +module.exports = RateLimiter; diff --git a/package.json b/package.json new file mode 100755 index 0000000..9cdca95 --- /dev/null +++ b/package.json @@ -0,0 +1,16 @@ +{ + "name": "rate-limiter", + "version": "1.0.0", + "description": "Custom rate limiting middleware for Node.js", + "main": "index.js", + "keywords": [ + "rate-limiting", + "rate-limiter", + "secure-api", + "throttling", + "middleware", + "node" + ], + "author": "Digimantra Labs", + "license": "MIT" +}