mon-entreprise/api/source/rate-limiter.ts

import IORedis from 'ioredis'
import { BaseContext } from 'koa'
import {
	RateLimiterMemory,
	RateLimiterRedis,
	RateLimiterRes,
} from 'rate-limiter-flexible'

const Redis = IORedis.default

const rateLimiter =
	process.env.NODE_ENV === 'production' && process.env.SCALINGO_REDIS_URL
		? new RateLimiterRedis({
				storeClient: new Redis(process.env.SCALINGO_REDIS_URL, {
					enableOfflineQueue: false,
					keyPrefix: 'rate-limiter',
				}),
				keyPrefix: 'rate-limiter',
				points: 5, // 5 requests for ctx.ip
				duration: 1, // per 1 second
		  })
		: new RateLimiterMemory({
				points: 5, // 5 requests for ctx.ip
				duration: 1, // per 1 seconds
		  })

export const rateLimiterMiddleware = async (
	ctx: BaseContext,
	next: () => Promise<unknown>
) => {
	try {
		await rateLimiter.consume(ctx.ip)
	} catch (rejRes) {
		ctx.status = 429
		ctx.body = 'Too Many Requests'

		if (isRateLimiterRes(rejRes)) {
			ctx.set({
				'Retry-After': (rejRes.msBeforeNext / 1000).toString(),
				'X-RateLimit-Limit': rateLimiter.points.toString(),
				'X-RateLimit-Remaining': rejRes.remainingPoints.toString(),
				'X-RateLimit-Reset': new Date(
					Date.now() + rejRes.msBeforeNext
				).toString(),
			})
		}

		return
	}

	return await next()
}

const isRateLimiterRes = (val: unknown): val is RateLimiterRes => {
	return !!(
		val &&
		typeof val === 'object' &&
		[
			'msBeforeNext',
			'remainingPoints',
			'consumedPoints',
			'isFirstInDuration',
		].every((s) => s in val)
	)
}
Add api rate limiter 2022-08-29 09:58:53 +00:00			`import IORedis from 'ioredis'`
Fix lint 2022-09-15 08:15:41 +00:00			`import { BaseContext } from 'koa'`
Add rate limit information in header 2022-08-31 08:55:04 +00:00			`import {`
			`RateLimiterMemory,`
			`RateLimiterRedis,`
			`RateLimiterRes,`
			`} from 'rate-limiter-flexible'`
Add api rate limiter 2022-08-29 09:58:53 +00:00
			`const Redis = IORedis.default`

			`const rateLimiter =`
			`process.env.NODE_ENV === 'production' && process.env.SCALINGO_REDIS_URL`
			`? new RateLimiterRedis({`
			`storeClient: new Redis(process.env.SCALINGO_REDIS_URL, {`
			`enableOfflineQueue: false,`
Add keyPrefix to redis 2023-06-15 14:29:29 +00:00			`keyPrefix: 'rate-limiter',`
Add api rate limiter 2022-08-29 09:58:53 +00:00			`}),`
Add keyPrefix to redis 2023-06-15 14:29:29 +00:00			`keyPrefix: 'rate-limiter',`
Add api rate limiter 2022-08-29 09:58:53 +00:00			`points: 5, // 5 requests for ctx.ip`
			`duration: 1, // per 1 second`
			`})`
			`: new RateLimiterMemory({`
			`points: 5, // 5 requests for ctx.ip`
			`duration: 1, // per 1 seconds`
			`})`

Fix lint 2022-09-15 08:15:41 +00:00			`export const rateLimiterMiddleware = async (`
			`ctx: BaseContext,`
			`next: () => Promise<unknown>`
			`) => {`
Add api rate limiter 2022-08-29 09:58:53 +00:00			`try {`
			`await rateLimiter.consume(ctx.ip)`
			`} catch (rejRes) {`
			`ctx.status = 429`
			`ctx.body = 'Too Many Requests'`

Add rate limit information in header 2022-08-31 08:55:04 +00:00			`if (isRateLimiterRes(rejRes)) {`
			`ctx.set({`
			`'Retry-After': (rejRes.msBeforeNext / 1000).toString(),`
			`'X-RateLimit-Limit': rateLimiter.points.toString(),`
			`'X-RateLimit-Remaining': rejRes.remainingPoints.toString(),`
			`'X-RateLimit-Reset': new Date(`
			`Date.now() + rejRes.msBeforeNext`
			`).toString(),`
			`})`
			`}`

Add api rate limiter 2022-08-29 09:58:53 +00:00			`return`
			`}`

Fix lint 2022-09-15 08:15:41 +00:00			`return await next()`
Add api rate limiter 2022-08-29 09:58:53 +00:00			`}`
Add rate limit information in header 2022-08-31 08:55:04 +00:00
			`const isRateLimiterRes = (val: unknown): val is RateLimiterRes => {`
			`return !!(`
			`val &&`
			`typeof val === 'object' &&`
			`[`
			`'msBeforeNext',`
			`'remainingPoints',`
			`'consumedPoints',`
			`'isFirstInDuration',`
			`].every((s) => s in val)`
			`)`
			`}`