add rate limiting
10
app.js
10
app.js
@@ -10,6 +10,7 @@ const logger = require('pino')(opts);
|
||||
const express = require('express');
|
||||
const app = express();
|
||||
const helmet = require('helmet');
|
||||
const rateLimit = require('express-rate-limit');
|
||||
const cors = require('cors');
|
||||
const passport = require('passport');
|
||||
const routes = require('./lib/routes');
|
||||
@@ -89,6 +90,15 @@ const unless = (paths, middleware) => {
|
||||
return middleware(req, res, next);
|
||||
};
|
||||
};
|
||||
|
||||
const limiter = rateLimit({
|
||||
windowMs: (process.env.RATE_LIMIT_WINDOWS_MS || 5) * 60 * 1000, // 5 minutes
|
||||
max: process.env.RATE_LIMIT_MAX_PER_WINDOW || 600, // Limit each IP to 600 requests per `window`
|
||||
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
|
||||
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
|
||||
});
|
||||
|
||||
app.use(limiter);
|
||||
app.use(helmet());
|
||||
app.use(helmet.hidePoweredBy());
|
||||
app.use(passport.initialize());
|
||||
|
||||
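Review bot: The two options passed to `rateLimit({...})` take their values straight from the environment without parsing or validation. `RATE_LIMIT_WINDOWS_MS` is multiplied by `60 * 1000`, so it is read as minutes despite the `_MS` suffix, and a non-numeric value for either variable yields `NaN` or a raw string, which would likely leave the limiter ineffective instead of failing at startup. Parse both once before building the limiter, e.g. `const windowMin = Number.parseInt(process.env.RATE_LIMIT_WINDOWS_MS, 10) || 5;` and `const maxReq = Number.parseInt(process.env.RATE_LIMIT_MAX_PER_WINDOW, 10) || 600;`, and either rename the variable or add the comment `// value is in minutes despite the _MS suffix`. Because the limit is counted per client IP, Express's `trust proxy` setting has to match the deployment when the server sits behind a load balancer or reverse proxy. No such setting is visible in this hunk, and without it every client behind the proxy would presumably share one bucket.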
18
package-lock.json
generated
18
package-lock.json
generated
@@ -20,6 +20,7 @@
|
||||
"cors": "^2.8.5",
|
||||
"debug": "^4.3.3",
|
||||
"express": "^4.17.2",
|
||||
"express-rate-limit": "^6.3.0",
|
||||
"form-data": "^2.5.1",
|
||||
"form-urlencoded": "^6.0.5",
|
||||
"helmet": "^5.0.2",
|
||||
@@ -3012,6 +3013,17 @@
|
||||
"node": ">= 0.10.0"
|
||||
}
|
||||
},
|
||||
"node_modules/express-rate-limit": {
|
||||
"version": "6.3.0",
|
||||
"resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-6.3.0.tgz",
|
||||
"integrity": "sha512-932Io1VGKjM3ppi7xW9sb1J5nVkEJSUiOtHw2oE+JyHks1e+AXuOBSXbJKM0mcXwEnW1TibJibQ455Ow1YFjfg==",
|
||||
"engines": {
|
||||
"node": ">= 12.9.0"
|
||||
},
|
||||
"peerDependencies": {
|
||||
"express": "^4"
|
||||
}
|
||||
},
|
||||
"node_modules/express/node_modules/debug": {
|
||||
"version": "2.6.9",
|
||||
"resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
|
||||
@@ -9311,6 +9323,12 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"express-rate-limit": {
|
||||
"version": "6.3.0",
|
||||
"resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-6.3.0.tgz",
|
||||
"integrity": "sha512-932Io1VGKjM3ppi7xW9sb1J5nVkEJSUiOtHw2oE+JyHks1e+AXuOBSXbJKM0mcXwEnW1TibJibQ455Ow1YFjfg==",
|
||||
"requires": {}
|
||||
},
|
||||
"extend": {
|
||||
"version": "3.0.2",
|
||||
"resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
|
||||
|
||||
@@ -29,6 +29,7 @@
|
||||
"cors": "^2.8.5",
|
||||
"debug": "^4.3.3",
|
||||
"express": "^4.17.2",
|
||||
"express-rate-limit": "^6.3.0",
|
||||
"form-data": "^2.5.1",
|
||||
"form-urlencoded": "^6.0.5",
|
||||
"helmet": "^5.0.2",
|
||||
|
||||