express-rate-limit - Basic rate-limiting middleware for express

  •        109

Basic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Note: this module does not share state with other processes/servers by default. If you need a more robust solution, I recommend using an addon store or trying out one of the excelent competing options.


defaults : ^1.0.3



Related Projects

express-brute - Brute-force protection middleware for express routes by rate limiting incoming requests

  •    Javascript

A brute-force protection middleware for express routes that rate-limits incoming requests, increasing the delay with each request in a fibonacci-like sequence. An in-memory store for persisting request counts. Don't use this in production, instead choose one of the more robust store implementations listed below.

ratelimit - Go/gRPC service designed to enable generic rate limit scenarios from different types of applications

  •    Go

The rate limit service is a Go/gRPC service designed to enable generic rate limit scenarios from different types of applications. Applications request a rate limit decision based on a domain and a set of descriptors. The service reads the configuration from disk via runtime, composes a cache key, and talks to the Redis cache. A decision is then returned to the caller. Envoy's data-plane-api defines a ratelimit service proto rls.proto. Logically the data-plane-api rls is equivalent to the ratelimit.proto defined in this repo. However, due to the namespace differences and how gRPC routing works it is not possible to transparently route the legacy ratelimit (ones based in the ratelimit.proto defined in this repo) requests to the data-plane-api definitions. Therefore, the ratelimit service will upgrade the requests, process them internally as it would process a data-plane-api ratelimit request, and then downgrade the response to send back to the client. This means that, for a slight performance hit for clients using the legacy proto, ratelimit is backwards compatible with the legacy proto.

ratelimit - A Golang blocking leaky-bucket rate limit implementation

  •    Go

This package provides a Golang implementation of the leaky-bucket rate limit algorithm. This implementation refills the bucket based on the time elapsed between requests instead of requiring an interval clock to fill the bucket discretely.Create a rate limiter with a maximum number of operations to perform per second. Call Take() before each operation. Take will sleep until you can continue.

node-ratelimiter - Abstract rate limiter for nodejs

  •    Javascript

Rate limiter for Node.js backed by Redis.v3.0.2 - #33 by @promag - Use sorted set to limit with moving window.

limiter - Dead simple rate limit middleware for Go.

  •    Go

Dead simple rate limit middleware for Go.The ip address of the request is used as a key in the store.

gubernator - High Performance Rate Limiting MicroService and Library

  •    Go

Gubernator is a distributed, high performance, cloud native and stateless rate limiting service. Gubernator is stateless in that it doesn’t require disk space to operate. No configuration or cache data is ever synced to disk. This is because every request to gubernator includes the config for the rate limit. At first you might think this an unnecessary overhead to each request. However, In reality a rate limit config is made up of only 4, 64bit integers.

express-paginate - Paginate middleware

  •    Javascript

Node.js pagination middleware and view helpers. v0.2.0+: As of v0.2.0, we now allow you to pass ?limit=0 to get infinite (all) results. This may impose security or performance issues for your application, so we suggest you to write a quick middleware fix such as the one below, or use rate limiting middleware to prevent abuse.

tollbooth - Simple middleware to rate-limit HTTP requests.

  •    Go

This is a generic middleware to rate-limit HTTP requests.NOTE 1: This library is considered finished.

api-throttling - Rack Middleware to impose a rate limit on a web service (aka API Throttling)

  •    Ruby

Rack Middleware to impose a rate limit on a web service (aka API Throttling)

redis-throttle - Rack middleware for rate-limiting incoming HTTP requests configured to be used with Redis

  •    Ruby

This is a fork of the Rack Throttle middleware that provides logic for rate-limiting incoming HTTP requests to Rack applications using Redis as storage system. You can use Rack::RedisThrottle with any Ruby web framework based on Rack, including Ruby on Rails 3.0 and Sinatra. This gem was designed to experiment rate limit with Rails 3.x and Doorkeeper. Redis Throttle Middleware come to life thanks to the work I've made in Lelylan, an open source microservices architecture for the Internet of Things. If this project helped you in any way, think about giving us a star on Github.

githunt - Chrome Extension - Replace your new tab with trending Github repositories

  •    HTML

By default it is set to show the trending repositories from the current week plus the repositories belonging to every language shown. However, once you will apply some filter, it will remember your configuration and the next time you will open the new tab, you will be presented with the last filter that you applied. Github API has rate limit applied in their API and although the extension implements the caching in order to make sure that the rate limit may not be crossed, however I would recommend you to set the API token in the extension in order to increase the quota.

SwiftUI-Combine - This is an example project of SwiftUI and Combine using GitHub API.

  •    Swift

This is an example project of SwiftUI and Combine using GitHub GET /search/users API. GitHub search API has a rate limit rules. For unauthenticated requests, the rate limit allows you to make up to 10 requests per minute.

Sharq Server - A flexible rate limited queueing system

  •    Python

SHARQ is a flexible, open source, rate limited queuing system. Based on the Leaky Bucket Algorithm, SHARQ lets you create queues dynamically and update their rate limits in real time. SHARQ consists of two components - the core component and the server component. The SHARQ core is built on Redis, using Python and Lua, and the SHARQ Server is built using Flask and Gevent and talks HTTP.

throttled - Package throttled implements rate limiting access to resources such as HTTP endpoints.

  •    Go

Package throttled implements rate limiting using the generic cell rate algorithm to limit access to resources such as HTTP endpoints. See throttled/gcra for a list of other projects related to rate limiting and GCRA.

bucket4j - Java rate limiting library based on token/leaky-bucket algorithm.

  •    Java

Copyright 2015-2019 Vladimir Bukhtoyarov Licensed under the Apache Software License, Version 2.0:

express-limiter - Rate limiting middleware for Express

  •    Javascript

rate limiter middleware for express applications

doorman - Doorman: Global Distributed Client Side Rate Limiting.

  •    Go

Doorman is a solution for Global Distributed Client Side Rate Limiting. Clients that talk to a shared resource (such as a database, a gRPC service, a RESTful API, or whatever) can use Doorman to voluntarily limit their use (usually in requests per second) of the resource. Doorman is written in Go and uses gRPC as its communication protocol. For some high-availability features it needs a distributed lock manager. We currently support etcd, but it should be relatively simple to make it use Zookeeper instead.The Doorman master server remembers all clients that currently have capacity and whenever a client asks for capacity it inserts the clients request into its memory and runs the algorithm to figure out what this client should get.

credential - Easy password hashing and verification in Node

  •    Javascript

Easy password hashing and verification in Node. Protects against brute force, rainbow tables, and timing attacks.Employs cryptographically secure, per password salts to prevent rainbow table attacks. Key stretching is used to make brute force attacks impractical. A constant time verification check prevents variable response time attacks.