MCPcopy
hub / github.com/express-rate-limit/express-rate-limit

github.com/express-rate-limit/express-rate-limit @v8.5.2 sqlite

repository ↗ · DeepWiki ↗ · release v8.5.2 ↗
163 symbols 394 edges 72 files 29 documented · 18%
README

express-rate-limit

tests npm version npm downloads license

Basic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Plays nice with express-slow-down and ratelimit-header-parser.

Usage

The full documentation is available on-line.

import { rateLimit } from 'express-rate-limit'

const limiter = rateLimit({
    windowMs: 15 * 60 * 1000, // 15 minutes
    limit: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
    standardHeaders: 'draft-8', // draft-6: `RateLimit-*` headers; draft-7 & draft-8: combined `RateLimit` header
    legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
    ipv6Subnet: 56, // Set to 60 or 64 to be less aggressive, or 52 or 48 to be more aggressive
    // store: ... , // Redis, Memcached, etc. See below.
})

// Apply the rate limiting middleware to all requests.
app.use(limiter)

Data Stores

The rate limiter comes with a built-in memory store, and supports a variety of external data stores.

Configuration

All function options may be async. Click the name for additional info and default values.

Option Type Remarks
[windowMs] number How long to remember requests for, in milliseconds.
[limit] number | function How many requests to allow.
[message] string | json | function Response to return after limit is reached.
[statusCode] number HTTP status code after limit is reached (default is 429).
[handler] function Function to run after limit is reached (overrides message and statusCode settings, if set).
[legacyHeaders] boolean Enable the X-Rate-Limit header.
[standardHeaders] 'draft-6' | 'draft-7' | 'draft-8' Enable the Ratelimit header.
[identifier] string | function Name associated with the quota policy enforced by this rate limiter.
[store] Store Use a custom store to share hit counts across multiple nodes.
[passOnStoreError] boolean Allow (true) or block (false, default) traffic if the store becomes unavailable.
[keyGenerator] function Identify users (defaults to IP address).
[ipv6Subnet] number (32-64) | function | false How many bits of IPv6 addresses to use in default keyGenerator
[requestPropertyName] string Add rate limit info to the req object.
[skip] function Return true to bypass the limiter for the given request.
[skipSuccessfulRequests] boolean Uncount 1xx/2xx/3xx responses.
[skipFailedRequests] boolean Uncount 4xx/5xx responses.
[requestWasSuccessful] function Used by skipSuccessfulRequests and skipFailedRequests.
[validate] boolean | object Enable or disable built-in validation checks.
[logger] Logger Custom logger

Thank You


Thanks to Mintlify for hosting the documentation at express-rate-limit.mintlify.app

<a href="https://mintlify.com/?utm_campaign=devmark&utm_medium=readme&utm_source=express-rate-limit">
    <img height="75" src="https://devmark-public-assets.s3.us-west-2.amazonaws.com/sponsorships/mintlify.svg" alt="Create your docs today">
</a>

And thank you to everyone who's contributed to this project in any way! 🫶

Issues and Contributing

If you encounter a bug or want to see something added/changed, please go ahead and open an issue! If you need help with something, feel free to start a discussion!

If you wish to contribute to the library, thanks! First, please read the contributing guide. Then you can pick up any issue and fix/implement it!

License

MIT © Nathan Friedly, Vedant K

Core symbols most depended-on inside this repo

rateLimit
called by 90
source/rate-limit.ts
get
called by 80
test/library/middleware-test.ts
createServer
called by 64
test/library/helpers/create-server.ts
get
called by 32
test/library/headers-test.ts
increment
called by 30
test/library/headers-test.ts
get
called by 23
test/external/imports/named-import/ts-cjs/source/app.ts
ipKeyGenerator
called by 14
source/ip-key-generator.ts
init
called by 14
test/library/options-test.ts

Shape

Method 73
Function 50
Class 40

Languages

TypeScript100%

Modules by API surface

test/library/middleware-test.ts40 symbols
source/validations.ts27 symbols
source/rate-limit.ts17 symbols
source/memory-store.ts13 symbols
test/library/options-test.ts12 symbols
test/external/imports/named-import/ts-esm/source/app.ts7 symbols
test/external/imports/named-import/ts-cjs/source/app.ts7 symbols
test/external/imports/default-import/ts-esm/source/app.ts7 symbols
test/external/imports/default-import/ts-cjs/source/app.ts7 symbols
source/headers.ts7 symbols
test/library/headers-test.ts6 symbols
test/external/loggers/source/nestjs.ts6 symbols

Dependencies from manifests, versioned

@biomejs/biome2.4.6 · 1×
@eslint/js9.29.0 · 1×
@express-rate-limit/tsconfig1.0.2 · 1×
@jest/globals30.4.1 · 1×
@nestjs/common11.1.19 · 1×
@nestjs/core11.1.19 · 1×
@nestjs/platform-express11.1.19 · 1×
@types/express5.0.6 · 1×
@types/jest30.0.0 · 1×
@types/node25.7.0 · 1×
@types/supertest7.2.0 · 1×

Datastores touched

(mongodb)Database · 1 repos
test_dbDatabase · 1 repos

For agents

$ claude mcp add express-rate-limit \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact