Skip to content

pavni006/API-Rate-Limiter

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

🚀 API Rate Limiter (Node.js)

A simple, customizable API Rate Limiter middleware for Node.js and Express.

Supports multiple rate limiting algorithms and is designed to be easy to use, plug-and-play, and beginner-friendly.


✨ Features

  • ✅ Multiple Algorithms:
    • Fixed Window
    • Sliding Window
    • Token Bucket
    • Leaky Bucket
  • ✅ Plug-and-play middleware
  • ✅ Custom key generation (IP / user / headers)
  • ✅ Rate limit headers support
  • ✅ Lightweight (no external dependencies)
  • ✅ Easy configuration

📦 Installation

Clone the repository:

git clone https://github.com/YOUR_USERNAME/api-rate-limiter.git
cd api-rate-limiter
npm install

⚙️ Basic Usage

Create a simple Express server:

const express = require("express");
const rateLimiter = require("./index");

const app = express();

// Apply rate limiter
app.use(rateLimiter({
    type: "fixedWindow",
    limit: 5,
    window: 10, // seconds
    headers: true
}));

app.get("/", (req, res) => {
    res.send("Working!");
});

app.listen(3000, () => {
    console.log("Server running on port 3000");
});

🧪 Testing the Rate Limiter

Run your server:

node test.js

Then send multiple requests:

curl -i http://localhost:3000

After exceeding the limit, you’ll get:

{
  "message": "Too many requests, please try again later."
}

📊 Rate Limit Headers

When enabled (headers: true), responses include:

X-RateLimit-Limit: 5
X-RateLimit-Remaining: 2
Retry-After: 5

These headers help clients understand usage and retry timing.

⚙️ Configuration Options

Option Description Default
type Algorithm type "tokenBucket"
limit Max requests 10
window Time window (seconds) 60
message Error message "Too many requests..."
statusCode HTTP status 429
headers Enable headers true
keyGenerator Custom key function req.ip
store Custom storage Memory store

🔀 Supported Algorithms

1. Fixed Window

  • Simple and fast
  • Resets after time window

2. Sliding Window

  • More accurate than fixed window
  • Prevents burst abuse

3. Token Bucket

  • Allows bursts
  • Smooth refill over time

4. Leaky Bucket

  • Constant request rate
  • Best for steady traffic

🔑 Custom Key Generator

You can rate limit per user instead of IP:

app.use(rateLimiter({
    limit: 5,
    keyGenerator: (req) => req.headers["user-id"]
}));

📁 Project Structure

API-RateLimiter/
│── algorithms/
│── middleware/
│── store/
│── utils/
│── config/
│── index.js

🧠 How It Works

Rate limiting helps prevent abuse and ensures system stability by restricting how many requests a client can make in a given time window.

This project:

  • Tracks requests per user/key
  • Applies chosen algorithm
  • Blocks requests when limit is exceeded

🚀 Future Improvements

  • Redis support (for distributed systems)
  • API key-based rate limiting
  • Dashboard for monitoring
  • npm package publishing

About

Concurrency-safe API rate limiting architecture in Node.js supporting 4 core scheduling algorithms to regulate traffic bursts and eliminate race conditions under high concurrent loads.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors