A Node.js Express app demonstrating rate limiting with the MVC architecture. Limits API requests to prevent abuse: 100 requests per 15 minutes globally, 5 login attempts per 15 minutes. Includes helmet for security. Organized into controllers, routes, and configuration.

AchrefDevTN/rate-limiting

Rate Limiting

Overview

This repository provides a comprehensive implementation of rate limiting using Node.js and Express. The project showcases best practices in applying global and route-specific rate limits to prevent abuse and ensure fair usage.

Features

  • Global Rate Limiting: Limits the number of requests per IP address to prevent abuse.
  • Login Rate Limiting: Specifically limits login attempts to mitigate brute-force attacks.
  • Security Enhancements: Utilizes Helmet for basic security improvements.

Tech Stack

  • Backend: Node.js, Express
  • Rate Limiting: express-rate-limit
  • Security: Helmet
  • Environment Management: dotenv

Prerequisites

Ensure you have the following installed and configured on your machine:

  • Node.js: Version 14 or higher.
  • MySQL: MySQL server or a compatible database for future expansions.

For installation assistance, refer to the official documentation or guides.

Setup

  1. Clone the repository:

    git clone https://github.com/AchrefDevTN/rate-limiting.git
  2. Navigate into the project directory:

    cd rate-limiting
  3. Install dependencies:

    npm install
  4. Create a .env file in the root directory, copy the contents below into it, and configure your environment variables:

    PORT=5000
  5. Run the application:

    • For development
    npm run dev
    • For production
    npm start
  6. Access the API:

    • The server will be running on
    http://localhost:5000

API Endpoints

  • GET /api/
    Returns a welcome message.
    Response:

    {
       "message": "Welcome to the Rate Limiting API!"
    }
  • POST /api/login
    Logs in a user and applies rate limiting.
    Request body:

    {
      "username": "string",
      "password": "string"
    }

    Response:

    {
      "message": "Login successful"
    }

Global Rate Limiter

  • Limits: 100 requests per 15 minutes per IP
  • Message: Too many requests from this IP, please try again later.

Login Rate Limiter

  • Limits: 5 login attempts per 15 minutes per IP
  • Message: Too many login attempts from this IP, please try again later.
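
How the two limits above interact, as an added example that is not this repository's code and does not use express-rate-limit: a self-contained fixed-window counter with the README's limits and messages. The names `createLimiter`, `createApi` and `simulate`, the injectable clock, and the documentation-range IP addresses are assumptions made for the illustration.

```javascript
// Fixed-window counter keyed by client IP; `now` is injectable for testing.
function createLimiter({ windowMs, max, message, now = Date.now }) {
  const hits = new Map(); // ip -> { count, resetAt }
  return function check(ip) {
    const t = now();
    let entry = hits.get(ip);
    if (!entry || t >= entry.resetAt) {
      entry = { count: 0, resetAt: t + windowMs }; // start a fresh window
      hits.set(ip, entry);
    }
    entry.count += 1;
    const allowed = entry.count <= max;
    return {
      allowed,
      status: allowed ? 200 : 429, // 429 Too Many Requests
      retryAfterSec: allowed ? 0 : Math.ceil((entry.resetAt - t) / 1000),
      message: allowed ? null : message,
    };
  };
}

const WINDOW_MS = 15 * 60 * 1000; // 15 minutes, as in the README

// Hypothetical dispatcher: global limit on every request, login limit on top.
function createApi(now) {
  const globalLimit = createLimiter({ windowMs: WINDOW_MS, max: 100, now,
    message: 'Too many requests from this IP, please try again later.' });
  const loginLimit = createLimiter({ windowMs: WINDOW_MS, max: 5, now,
    message: 'Too many login attempts from this IP, please try again later.' });
  return function handle(method, path, ip) {
    const g = globalLimit(ip);
    if (!g.allowed) return g;
    return method === 'POST' && path === '/api/login' ? loginLimit(ip) : g;
  };
}

// Constructed traffic: one address sends 7 logins, a second address sends 1.
function simulate() {
  let clock = 0;
  const handle = createApi(() => clock);
  const statuses = [];
  for (let i = 0; i < 7; i++) statuses.push(handle('POST', '/api/login', '203.0.113.7').status);
  const otherIp = handle('POST', '/api/login', '198.51.100.9').status; // own counter
  clock += WINDOW_MS; // window expires, counters reset
  const afterReset = handle('POST', '/api/login', '203.0.113.7').status;
  return { statuses, otherIp, afterReset };
}

console.log(simulate());
```

Both limits are counted per IP address, so each address gets its own counter and the login limit does not bound attempts against a single account. Behind a reverse proxy, Express's `trust proxy` setting must be configured so that `req.ip` is the client's address rather than the proxy's.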

Contributing

If you have suggestions or improvements, please submit an issue or pull request. Contributions are welcome!

License

This project is licensed under the MIT License. See the LICENSE file for details.
