-
Notifications
You must be signed in to change notification settings - Fork 1k
/
Copy pathratelimiter.js
133 lines (108 loc) · 3.43 KB
/
ratelimiter.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
'use strict';
var THREE_HOURS = 3 * 60 * 60 * 1000;
/**
* A rate limiter to be used as an express middleware.
*
* @param {Object} options
* @param {Object} options.node - The bitcore node object
* @param {Number} options.limit - Number of requests for normal rate limiter
* @param {Number} options.interval - Interval of the normal rate limiter
* @param {Array} options.whitelist - IP addresses that should have whitelist rate limiting
* @param {Array} options.blacklist - IP addresses that should be blacklist rate limiting
* @param {Number} options.whitelistLimit - Number of requests for whitelisted clients
* @param {Number} options.whitelistInterval - Interval for whitelisted clients
* @param {Number} options.blacklistLimit - Number of requests for blacklisted clients
* @param {Number} options.blacklistInterval - Interval for blacklisted clients
*/
function RateLimiter(options) {
if (!(this instanceof RateLimiter)) {
return new RateLimiter(options);
}
if (!options){
options = {};
}
this.node = options.node;
this.clients = {};
this.whitelist = options.whitelist || [];
this.blacklist = options.blacklist || [];
this.config = {
whitelist: {
totalRequests: options.whitelistLimit || 3 * 60 * 60 * 10, // 108,000
interval: options.whitelistInterval || THREE_HOURS
},
blacklist: {
totalRequests: options.blacklistLimit || 0,
interval: options.blacklistInterval || THREE_HOURS
},
normal: {
totalRequests: options.limit || 3 * 60 * 60, // 10,800
interval: options.interval || THREE_HOURS
}
};
}
RateLimiter.prototype.middleware = function() {
var self = this;
return function(req, res, next) {
self._middleware(req, res, next);
};
};
RateLimiter.prototype._middleware = function(req, res, next) {
var name = this.getClientName(req);
var client = this.clients[name];
res.ratelimit = {
clients: this.clients,
exceeded: false
};
if (!client) {
client = this.addClient(name);
}
res.setHeader('X-RateLimit-Limit', this.config[client.type].totalRequests);
res.setHeader('X-RateLimit-Remaining', this.config[client.type].totalRequests - client.visits);
res.ratelimit.exceeded = this.exceeded(client);
res.ratelimit.client = client;
if (!this.exceeded(client)) {
client.visits++;
next();
} else {
this.node.log.warn('Rate limited:', client);
res.status(429).jsonp({
status: 429,
error: 'Rate limit exceeded'
});
}
};
RateLimiter.prototype.exceeded = function(client) {
if (this.config[client.type].totalRequests === -1) {
return false;
} else {
return client.visits > this.config[client.type].totalRequests;
}
};
RateLimiter.prototype.getClientType = function(name) {
if (this.whitelist.indexOf(name) > -1) {
return 'whitelist';
}
if (this.blacklist.indexOf(name) > -1) {
return 'blacklist';
}
return 'normal';
};
RateLimiter.prototype.getClientName = function(req) {
var name = req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for'] || req.connection.remoteAddress;
return name;
};
RateLimiter.prototype.addClient = function(name) {
var self = this;
var client = {
name: name,
type: this.getClientType(name),
visits: 1
};
var resetTime = this.config[client.type].interval;
setTimeout(function() {
delete self.clients[name];
}, resetTime).unref();
this.clients[name] = client;
return client;
};
module.exports = RateLimiter;