
What is Express-rate-limit in Node.js?

Last Updated : 03 Jul, 2024

express-rate-limit is a middleware for Express.js applications that helps control the rate at which requests can be made to the server. It is particularly useful for preventing abuse by limiting the number of requests a client can make to your API within a specific time frame. This can help mitigate various types of attacks, such as denial-of-service (DoS) attacks, brute-force attacks, and more.

Key Features

  • Rate Limiting: Limits the number of requests per IP within a specified timeframe.
  • Customizable: Allows customization of the rate limit behaviour, such as error messages and status codes.
  • Easy to Use: Integrates easily with Express applications.
  • Flexible: Can be configured to handle different routes and methods individually.

Installation Steps

Step 1: Make a folder structure for the project.

mkdir myapp

Step 2: Navigate to the project directory

cd myapp

Step 3: Initialize the Node.js project inside the myapp folder.

npm init -y

Step 4: Install the required dependencies with the following command (app.js requires express as well as express-rate-limit):

npm install express express-rate-limit

After installation, the dependencies section of package.json will include:

"dependencies": {
    "express-rate-limit": "^7.3.1"
}

Example: Implementation to show the use of Express-rate-limit in Node.js

JavaScript
// app.js

// Express is a Node.js framework that helps
// in setting up the server and routing.
const express = require("express");

// The express-rate-limit middleware is for
// limiting incoming requests.
const rateLimit = require("express-rate-limit");

// The app variable stores the Express application.
const app = express();

// Create a limiter by calling the rateLimit function with options:
// max is the maximum number of requests and windowMs is the
// window length in milliseconds, so each client can make at
// most max requests within windowMs.
const limiter = rateLimit({
    max: 200,
    windowMs: 60 * 60 * 1000,
    message: "Too many request from this IP"
});

// Add the limiter function to the express middleware
// so that every request coming from user passes
// through this middleware.
app.use(limiter);

// GET route to handle the request coming from user
app.get("/", (req, res) => {
    res.status(200).json({
        status: "success",
        message: "Hello from the GeeksforGeeks express server"
    });
});

// Server Setup
const port = 8000;
app.listen(port, () => {
    console.log(`app is running on port ${port}`);
});

Step to Run Application: Run the application using the following command from the root directory of the project

node app.js

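Output: The application will be available at the URL http://localhost:8000/

  • Output when a request doesn’t exceed the max limit of the rate limiter: the GET route's JSON response is returned with status 200.
  • Output when a request exceeds the max limit of the rate limiter: the request is rejected with the configured message, "Too many request from this IP", and express-rate-limit's default status code, 429.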
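
To show what max, windowMs and message do on each request, here is a simplified, dependency-free model of a per-IP fixed-window limiter. It is an added example, not express-rate-limit's own code; simpleRateLimit, simulate, demo, the now option and the sample IPs are constructed for illustration.

```javascript
// Added example: simplified model of a per-IP fixed-window limiter.
// Not express-rate-limit's source; `now` is a hypothetical option for testing.
function simpleRateLimit({ windowMs, max, message, now = Date.now }) {
    const hits = new Map(); // client IP -> { count, resetTime }

    return function limiter(req, res, next) {
        const t = now();
        let entry = hits.get(req.ip);
        // Start a new window on first sight or once the old one expired.
        if (!entry || t >= entry.resetTime) {
            entry = { count: 0, resetTime: t + windowMs };
            hits.set(req.ip, entry);
        }
        entry.count += 1;
        if (entry.count <= max) return next();
        // Over the limit: say when to retry (seconds, rounded up).
        const wait = Math.ceil((entry.resetTime - t) / 1000);
        res.set("Retry-After", String(wait));
        res.status(429).send(message);
    };
}

// Constructed harness: fake req/res so the middleware runs without a server.
function simulate(limiter, ip) {
    const out = { status: 200, headers: {}, body: null };
    const res = {
        set(name, value) { out.headers[name] = value; return res; },
        status(code) { out.status = code; return res; },
        send(body) { out.body = body; return res; },
    };
    limiter({ ip }, res, () => {});
    return out;
}

// Constructed scenario: 3 requests per 60 s window, sample documentation IPs.
function demo() {
    let clock = 0;
    const limiter = simpleRateLimit({
        windowMs: 60 * 1000, max: 3,
        message: "Too many request from this IP", now: () => clock,
    });
    const burst = [1, 2, 3, 4].map(() => simulate(limiter, "203.0.113.5"));
    const other = simulate(limiter, "203.0.113.9"); // separate counter
    clock = 60 * 1000; // first client's window has expired
    const later = simulate(limiter, "203.0.113.5");
    return { burst, other, later };
}

console.log(JSON.stringify(demo()));
```

Because the counter is keyed on req.ip, an app behind a reverse proxy sees the proxy's address for every client unless Express's trust proxy setting is configured, so all users would share one limit.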

Conclusion

express-rate-limit is a powerful middleware for managing the rate of incoming requests to your Express.js application. By implementing rate limiting, you can enhance the security and stability of your application, ensuring that it remains available and responsive even under heavy load or malicious attack attempts. With its flexibility and ease of use, it’s a valuable tool for any Node.js developer.


