Add rate limiter (#198)

Author: brookslybrand

package-lock.json

@@ -25,6 +25,7 @@
     "compression": "^1.7.5",
     "escape-goat": "^4.0.0",
     "express": "^4.21.2",
+    "express-rate-limit": "^8.0.1",
     "follow-redirects": "^1.15.9",
     "front-matter": "^4.0.2",
     "gray-matter": "^4.0.3",

package.json

@@ -1,6 +1,7 @@
 import compression from "compression";
 import express from "express";
 import morgan from "morgan";
+import { rateLimit } from "express-rate-limit";
 
 // Short-circuit the type-checking of the built output.
 const BUILD_PATH = "./build/server/index.js";
@@ -9,6 +10,15 @@ const PORT = Number.parseInt(process.env.PORT || "3000");
 
 const app = express();
 
+const limiter = rateLimit({
+  windowMs: 2 * 60 * 1000, // 2 minutes
+  max: 1000,
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
+app.use(limiter);
+
 app.use(compression());
 app.disable("x-powered-by");