cruise-controller

Cruise-Controller - An Express Middleware for Rate Limiting

Introduction

Cruise-controller is a flexible rate limiting middleware for Express. It allows you to limit requests based on custom identifiers such as IP addresses or authenticated users. It also supports throttling by performing exponential backoff and can use either in-memory or Redis storage. It also allows for whitelisting and blacklisting of identifiers and several more configuration options.

Installation

First, install the package using npm:

npm install cruise-controller

Then, require it in your project:

const RateLimiter = require('cruise-controller');

Usage

Instantiate the rate limiter with desired options:

const rateLimiter = new RateLimiter({
  max: 100, // max requests
  windowMs: 15 * 60 * 1000, // window in milliseconds
  getKey: (req) => req.ip, // function to identify the source of a request
  store: new RedisStore(), // specify the store
  whitelist: ['127.0.0.1'], // array of whitelisted identifiers
  blacklist: [], // array of blacklisted identifiers
  onExceeded: (req, res) => res.sendStatus(429), // function to execute when rate limit is exceeded
}); 

Use the rate limiter in your Express app:

app.use(rateLimiter.middleware());

Options

The rate limiter takes the following options:

Exponential Backoff

The rate limiting mechanism incorporates an Exponential Backoff feature, designed to gracefully handle rate-limit exceeded responses. When a client surpasses its allowed request limit, instead of receiving an immediate error response, this feature introduces a time delay for subsequent requests from that client. The delay duration starts conservatively and gradually increases with each exceeded request, allowing the client to recover and reduce the request rate. This ensures a smoother and more user-friendly experience, preventing rapid successive requests and minimizing service disruptions due to rate limiting.

Custom Stores

You can implement your own custom store. Refer to redisStore.js and memoryStore.js for more info.

Contributing

Please feel free to open an issue or pull request if you would like to contribute to this project.