Skip to content
This repository has been archived by the owner on Sep 15, 2020. It is now read-only.

fcmatteo/express-antiflood

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
spec
spec
 
 
src
src
 
 
.babelrc
.babelrc
 
 
.eslintrc
.eslintrc
 
 
.gitignore
.gitignore
 
 
.npmignore
.npmignore
 
 
.travis.yml
.travis.yml
 
 
README.md
README.md
 
 
package.json
package.json
 
 

Repository files navigation

Build status

express-antiflood

An antiflood middleware for Express. For using it in production check out the Redis store.

Keep in mind that I'm doing this in my free time, so be kind 😁.

Installation

npm install express-antiflood

Usage

import express from 'express'
import antiflood, { MemoryStore } from 'express-antiflood'

const app = express()
const middleware = antiflood(MemoryStore(), {
    tries: 3,
    timeLimit: 30000,
    timeBlocked: 60000 * 10,
})

app.post('/comment', middleware, function (req, res) {
  res.send('Hello World!')
})

app.listen(3000)

Options

Antiflood(store, options, extensions)

  • store An store. You can use MemoryStore which is included in this repo but it's recommended to use a production-ready store like RedisStore
  • options
    • timeLimit The time that has to pass since the latest request before the store resets the request count to 0 (default: 60000)
    • timeBlocked The time (in miliseconds) the user will have to wait when he reached the limit of requests (default: 300000)
    • tries Number of tries before getting blocked. If the user makes the request {tries} times, the request will success but the user will have to wait {timeBlocked}ms before making it again (default: 10)
    • prefix Prefix for the key saved in the store (default: '')
    • failCallback A function that gets called with (req, res, next, nextValidRequestDate) when a request is blocked (by default it responds with a Too many requests error)
    • getKey A function that gets called with (req) and returns the key that will be used by the store. For example to save the key based on the username. (by default the middleware will use req.ip)
  • extensions A function or an array of functions. Each function receives a listener. More info in the extensions section.

Creating extensions

An extension is just a function that receives a listener function:

function (listener) {
  listener(EVENT, function(data) {
    // Do something!
  })
}

Where:

  • data is an object with the following values:
    • key The value the store used in the request

Events

  • SUCCESS On each request that has been successful and the user has not been blocked
  • LIMIT_REACHED The request was successful but the user has reached the limit and has been blocked for the following requests
  • BLOCKED When the request was rejected because the user is blocked

TODO:

  • Add more tests

About

An antiflood middleware for Express

Resources

Readme
Activity

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages