const rateLimit = require('express-rate-limit');
/**
 * General API rate limiter: at most 100 requests per client IP in any
 * 15-minute window. The `message` object is the response body returned
 * once a client goes over the limit.
 *
 * NOTE(review): neither `keyGenerator` nor `store` is set, so the library
 * defaults apply (client key taken from the request IP, counters held in
 * process memory). Behind a reverse proxy the IP is only meaningful if
 * Express `trust proxy` is configured for that deployment, and with several
 * app instances each one keeps its own count. Confirm both in the app setup.
 */
const general = (() => {
  const windowSeconds = 15 * 60; // 15 minutes

  return rateLimit({
    windowMs: windowSeconds * 1000,
    max: 100, // requests allowed per IP per window
    message: {
      error: 'Too many requests from this IP, please try again later.',
      retryAfter: windowSeconds, // seconds; same length as the window
    },
    standardHeaders: true, // emit the `RateLimit-*` response headers
    legacyHeaders: false, // suppress the older `X-RateLimit-*` headers
  });
})();
/**
 * Email-sending rate limiter: at most 10 requests per client IP per hour.
 * Successful requests are counted as well as failed ones, so every hit on a
 * route using this limiter uses up one of the ten.
 *
 * NOTE(review): the count is per client IP, so it caps one address rather
 * than total outbound mail volume. If overall sending must be bounded,
 * that needs a separate control; confirm against the mail provider's quota.
 */
const email = (() => {
  const windowSeconds = 60 * 60; // 1 hour

  return rateLimit({
    windowMs: windowSeconds * 1000,
    max: 10, // requests allowed per IP per window
    message: {
      error: 'Too many emails sent from this IP, please try again later.',
      retryAfter: windowSeconds, // seconds; same length as the window
    },
    standardHeaders: true, // emit the `RateLimit-*` response headers
    legacyHeaders: false, // suppress the older `X-RateLimit-*` headers
    skipSuccessfulRequests: false, // successful requests still count
  });
})();
/**
 * Limiter for Represent API traffic: 60 requests per client IP per minute.
 * The window is shorter than the general limiter's, but the sustained rate
 * it allows is higher (60 per minute versus 100 per 15 minutes).
 *
 * NOTE(review): the figure mirrors the Represent API's own limit of 60
 * requests per minute, but it is applied per client IP here. If the upstream
 * quota is charged to this server as a whole, several clients together can
 * still exceed it. Confirm whether a shared key or an outbound throttle is
 * needed.
 */
const representAPI = (() => {
  const windowSeconds = 60; // 1 minute

  return rateLimit({
    windowMs: windowSeconds * 1000,
    max: 60, // requests allowed per IP per window
    message: {
      error: 'Represent API rate limit exceeded, please try again later.',
      retryAfter: windowSeconds, // seconds; same length as the window
    },
    standardHeaders: true, // emit the `RateLimit-*` response headers
    legacyHeaders: false, // suppress the older `X-RateLimit-*` headers
  });
})();
// Public surface of this module: the three configured limiter middlewares,
// exported under the names callers mount them by.
module.exports = { general, email, representAPI };