Comments (7)
nfriedly
commented on July 24, 2024
1
Step 1 is done - we now have full test coverage across windows, mac, and linux with multiple versions of node.js tested on each.
I'm toying with the idea of rebuilding express-slow-down on top of express-rate-limit, essentially as just a custom handler callback that delays the request instead of responding with an error page. I think it would solve the store compatibility issue once and for all, while at the same time making this repo smaller and simpler.
from express-slow-down.
ouraios
commented on July 24, 2024
1
@nfriedly i couldnt agree more about your idea of rebuilding express-slow-down into express-rate-limit, that would make things way easier to handle with only one package to use by everyone. After all slowing down request usually go with rate limit
from express-slow-down.
nfriedly
commented on July 24, 2024
For now, you should go with the older version of rate-limit-redis.
This project should get updated to support the new API, but that is going to be a fairly involved process and won't happen very quickly.
from express-slow-down.
ouraios
commented on July 24, 2024
@nfriedly The problem here is that your other package https://github.com/nfriedly/express-rate-limit is compatible with latest version of rate-limit-redis and make it very uncomfortable to use both library in a same project if we want latest version on each of them :/
Maybe i can help to make it usable for both old and new api of store ?
from express-slow-down.
nfriedly
commented on July 24, 2024
Well, the latest version express-rate-limit is backwards compatible with the older version of rate-limit-redis, so that shouldn't be an issue. rate-limit-redis is the only one you'll need to pin to an older version for now.
But, yes, if you can update express-slow-down to support the newer API, I would appreciate that.
The roadmap in my mind was to fix up the test reliability first, and then update the API, possibly converting to typescript at the same time as the API update. That's the basic path we took for express-rate-limit.
from express-slow-down.
huksley
commented on July 24, 2024
when this could be solved? it does not work out of the box, maybe there is some glue code someone have?
from express-slow-down.
nfriedly
commented on July 24, 2024
Thanks to @AdrianoRuberto v1.6.0 now has support for the newer promise-based Store API that express-rate-limit now uses. It should also retain backwards compatibility with older stores.
Please test it out and let me know if you run into any issues.
from express-slow-down.
Related Issues (17)
- Look into using req.rateLimit / req.slowDown to share data with express-rate-limit instead of needing a second store HOT 1
- Logging when threshold met HOT 1
- delayAfter = 0 does not disable rate slowdown HOT 1
- Allow failed requests to count twice HOT 2
- Rationale behind linear backoff HOT 3
- Question: Is delay per IP or for all IPs? HOT 1
- Release v1.4.1 fails test HOT 6
- On v1.4.1 when slow delay is triggered the http request end up hanging up indefinitly and never being resolved HOT 19
- TypeError: Cannot read properties of undefined (reading 'toString') HOT 3
- Add support for modern store interface HOT 1
- onLimitReached , or running custom code HOT 2
- user passed in validate overwrites `limit: false` HOT 4
- CVE-2024-29041 vulnerability of Express.js HOT 1
- Add maximum value to slow down delay
- maxDelayMs missing from @types/express-slow-down HOT 1
- req.ip is undefiend on production HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from express-slow-down.