feat(api): rate limiting
This commit is contained in:
divlo
14
api/app.js
14
api/app.js
@@ -6,6 +6,7 @@ const helmet = require('helmet')
|
||||
const cors = require('cors')
|
||||
const morgan = require('morgan')
|
||||
const { redirectToHTTPS } = require('express-http-to-https')
|
||||
const rateLimit = require('express-rate-limit')
|
||||
|
||||
/* Files Imports & Variables */
|
||||
const sequelize = require('./assets/utils/database')
|
||||
@@ -20,6 +21,19 @@ if (process.env.NODE_ENV === 'development') {
|
||||
app.use(morgan('dev'))
|
||||
} else if (process.env.NODE_ENV === 'production') {
|
||||
app.use(redirectToHTTPS())
|
||||
const requestPerSecond = 2
|
||||
const seconds = 60
|
||||
const windowMs = seconds * 1000
|
||||
app.enable('trust proxy')
|
||||
app.use(
|
||||
rateLimit({
|
||||
windowMs,
|
||||
max: seconds * requestPerSecond,
|
||||
handler: (_req, res) => {
|
||||
return res.status(429).json({ message: 'Too many requests' })
|
||||
}
|
||||
})
|
||||
)
|
||||
}
|
||||
app.use(helmet())
|
||||
app.use(cors())
|
||||
|
||||
5
api/package-lock.json
generated
5
api/package-lock.json
generated
@@ -1406,6 +1406,11 @@
|
||||
"express": "^4.15.3"
|
||||
}
|
||||
},
|
||||
"express-rate-limit": {
|
||||
"version": "5.1.3",
|
||||
"resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-5.1.3.tgz",
|
||||
"integrity": "sha512-TINcxve5510pXj4n9/1AMupkj3iWxl3JuZaWhCdYDlZeoCPqweGZrxbrlqTCFb1CT5wli7s8e2SH/Qz2c9GorA=="
|
||||
},
|
||||
"express-validator": {
|
||||
"version": "6.6.1",
|
||||
"resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.6.1.tgz",
|
||||
|
||||
@@ -11,23 +11,24 @@
|
||||
"axios": "^0.21.0",
|
||||
"bcryptjs": "^2.4.3",
|
||||
"cors": "^2.8.5",
|
||||
"dotenv": "^8.2.0",
|
||||
"express": "^4.17.1",
|
||||
"express-fileupload": "^1.2.0",
|
||||
"express-http-to-https": "^1.1.4",
|
||||
"express-rate-limit": "^5.1.3",
|
||||
"express-validator": "^6.6.1",
|
||||
"helmet": "^4.1.1",
|
||||
"jsdom": "^16.4.0",
|
||||
"jsonwebtoken": "^8.5.1",
|
||||
"moment": "^2.29.1",
|
||||
"morgan": "^1.10.0",
|
||||
"ms": "^2.1.2",
|
||||
"mysql2": "^2.2.5",
|
||||
"nodemailer": "^6.4.14",
|
||||
"sequelize": "^6.3.5",
|
||||
"smart-request-balancer": "^2.1.1",
|
||||
"uuid": "^8.3.1",
|
||||
"validator": "^13.1.17",
|
||||
"dotenv": "^8.2.0",
|
||||
"morgan": "^1.10.0"
|
||||
"validator": "^13.1.17"
|
||||
},
|
||||
"devDependencies": {
|
||||
"nodemon": "^2.0.6",
|
||||
|
||||
Reference in New Issue
Block a user