tunnckocore / koa-better-ratelimit Goto Github PK

I want to be able to set up my own custom id functions, like in koa-ratelimit:

id: function (context) {
    return context.ip;
  }

In particular, I am trying to limit the rate of my entire application, not just per-user, so my custom id function might look like:

id: function () { return -1; }

1. Hi. Trying to test:

const Koa=require('koa2');
const limiter=require('./index.js');
const app=new Koa();
app.use(limiter({
id:function(){return '0.0.0.0'},
duration:1000*20,
max:2,
throw:true
}))
app.use(ctx=>{
ctx.body="hello world";
});
app.listen(5000);
console.log('Server started at port 5000');

But
ReferenceError: options is not defined
at betterRatelimit (/home/globik/koa-better-ratelimit/index.js:33:8)
at dispatch (/home/globik/koa-better-ratelimit/node_modules/koa-compose/index.js:44:32)
at next (/home/globik/koa-better-ratelimit/node_modules/koa-compose/index.js:45:18)
at createGenerator (/home/globik/koa-better-ratelimit/node_modules/koa-convert/index.js:24:16)
at createGenerator.next ()
at Object. (/home/globik/koa-better-ratelimit/node_modules/koa-ip-filter/index.js:77:20)
at Generator.next ()
at onFulfilled (/home/globik/koa-better-ratelimit/node_modules/co/index.js:65:19)
at /home/globik/koa-better-ratelimit/node_modules/co/index.js:54:5
at Object.co (/home/globik/koa-better-ratelimit/node_modules/co/index.js:50:10)
What for the "options"?
2. Where can I find koa-better-ratelimit version 3.0?

Perhaps I'm being really stupid, but this line index.js#L95 seems to suggest only adjacent requests from the same IP will be rate limited. If another request comes in from another IP address, previous rate limit records will be ignored and a new one created.

I couldn't figure out an easy way to write a test for this.

bug in index.js#L29-L33, no way to provide duration, limited and max from the main opts object

released by b5a26d4

Having ratelimit in development/testing environment makes testing work hard, as we always need to wait...

Is there any way to disable this in development/testing environment?

Need help for improving coverage to 100% - help appreciated

Currently throwing this alert because of old generator signature.

0|react-ap | Mon, 09 Oct 2017 08:47:12 GMT koa deprecated Support for generators will be removed in v3. See the documentation for examples of how to convert old middleware https://github.com/koajs/koa/blob/master/docs/migration.md
0|react-ap |     at Object.<anonymous> (/Users/damz/Desktop/react-app/index.js:23:5)
0|react-ap |     at Module._compile (module.js:624:30)
0|react-ap |     at Object.Module._extensions..js (module.js:635:10)
0|react-ap |     at Module.load (module.js:545:32)
0|react-ap |     at tryModuleLoad (module.js:508:12)
0|react-ap |     at Function.Module._load (module.js:500:3)

I understand that this was built using in-memory stores by design but it might be helpful to others to add a caveats section to the README.

This is so that people understand that this type of store will only work effectively if you're running on a single machine or you want to enforce limits on a per-machine basis.

@diorahman
@stanzhai
@cvan
@crowl
@thelinuxlich
@ruimarinho
@yoshuawuyts
@rationalthug
Hi guys! If you're using the middleware, please upgrade to 2.0.1, because previous versions not works correctly.
Now works as I and maybe all expects.

Now the blocked IP will can make requests again after duration - that not works before, it stayed blocked forever.

• remove env option
• remove ipchecker
• add id option #6
• code base refactoring
• more and better tests
• apply feross/standard #8
• when tunnckoCore/ideas#17 is done

This middleware helps to mitigate DoS attacks, so if I want to limit any user to 5 requests per minute, I'd write it like this:

app.use(limit({
  duration: 1000 * 60 * 1,
  max: 5
}));

Right?

• and cleanup root
• keep a changelog (adheres semver/ferver)
• rename readme, license, etc stuff
• update/fix readme/badges/links style