WayrApp Backend & Ecosystem Documentation - v1.0.0

    Function createRateLimiter

    • Rate Limiter Factory Function

      Creates configurable rate limiting middleware to protect against abuse and DoS attacks. This factory function generates express-rate-limit middleware instances with custom time windows and request limits. When limits are exceeded, the middleware responds with a standardized error format and logs the violation for security monitoring.

      The rate limiter uses IP-based tracking and includes proper HTTP headers to inform clients about rate limit status. Failed requests are logged with IP address, user agent, and request details for security analysis.

      Parameters

      • Optional windowMs: number = ...

        Time window in milliseconds (default: 15 minutes)

      • Optional max: number = 100

        Maximum number of requests per window (default: 100)

      Returns RateLimitRequestHandler

      Express middleware function for rate limiting

      // Create custom rate limiter for API endpoints
      const apiLimiter = createRateLimiter(
        60 * 1000, // 1 minute window
        50         // 50 requests per minute
      );

      app.use('/api', apiLimiter);

      // Strict rate limiter for sensitive operations
      const strictLimiter = createRateLimiter(
        5 * 60 * 1000, // 5 minute window
        3              // 3 requests per 5 minutes
      );

      app.use('/api/admin', strictLimiter);

      // Rate limiter response format when limit exceeded
      // HTTP 429 Too Many Requests
      {
        "error": {
          "code": "RATE_LIMIT_ERROR",
          "message": "Too many requests from this IP, please try again later.",
          "timestamp": "2024-01-20T10:30:00.000Z",
          "path": "/api/v1/auth/login"
        }
      }
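
The behaviour described above (per-IP counting in a fixed window, rate limit headers, the 429 body and violation logging), as an added example that is not WayrApp's code and does not use express-rate-limit. The name createFixedWindowLimiter, the now/log parameters, the header names and the fake request/response helpers are assumptions made for this example.

```javascript
// Added illustration: dependency-free fixed-window limiter (not WayrApp's code).
// `now` and `log` are hypothetical parameters, injectable for deterministic tests.
function createFixedWindowLimiter(windowMs = 15 * 60 * 1000, max = 100,
                                  now = Date.now, log = console.warn) {
  const hits = new Map(); // ip -> { count, resetAt }; a real store also evicts idle entries

  return function rateLimit(req, res, next) {
    const t = now();
    const ip = req.ip; // assumption: Express has already resolved the client IP
    let entry = hits.get(ip);
    if (!entry || t >= entry.resetAt) {
      entry = { count: 0, resetAt: t + windowMs }; // start a new window for this IP
      hits.set(ip, entry);
    }
    entry.count += 1;
    const resetSecs = String(Math.ceil((entry.resetAt - t) / 1000));

    // Tell the client where it stands in the current window (assumed header names).
    res.setHeader('RateLimit-Limit', String(max));
    res.setHeader('RateLimit-Remaining', String(Math.max(0, max - entry.count)));
    res.setHeader('RateLimit-Reset', resetSecs);
    if (entry.count <= max) return next();

    // Over the limit: record the violation for security monitoring, then reject.
    log({ event: 'rate_limit_exceeded', ip, userAgent: req.headers['user-agent'],
          method: req.method, path: req.originalUrl });
    res.setHeader('Retry-After', resetSecs);
    return res.status(429).json({
      error: {
        code: 'RATE_LIMIT_ERROR',
        message: 'Too many requests from this IP, please try again later.',
        timestamp: new Date(t).toISOString(),
        path: req.originalUrl,
      },
    });
  };
}

// Constructed stand-ins for Express request/response objects, for offline runs.
function fakeReq(ip, url = '/api/v1/auth/login') {
  return { ip, method: 'POST', originalUrl: url, headers: { 'user-agent': 'example-client/1.0' } };
}
function fakeRes() {
  const res = { statusCode: 200, headers: {}, body: null };
  res.setHeader = (k, v) => { res.headers[k] = v; };
  res.status = (c) => { res.statusCode = c; return res; };
  res.json = (b) => { res.body = b; return res; };
  return res;
}
```

Because the counter is keyed on req.ip, an application behind a reverse proxy sees the proxy's address for every client unless Express's trust proxy setting is configured, which puts all users in one bucket.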