@creator.co/wapi 1.8.4 → 1.8.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -0
- package/dist/index.d.ts +9 -4
- package/dist/index.js +7 -2
- package/dist/index.js.map +1 -1
- package/dist/package-lock.json +31 -2
- package/dist/package.json +4 -2
- package/dist/src/Server/Router.d.ts +51 -0
- package/dist/src/Server/Router.js.map +1 -1
- package/dist/src/Server/lib/container/Proxy.d.ts +14 -0
- package/dist/src/Server/lib/container/Proxy.js +70 -0
- package/dist/src/Server/lib/container/Proxy.js.map +1 -1
- package/index.ts +17 -3
- package/package.json +4 -2
- package/src/Server/Router.ts +54 -0
- package/src/Server/lib/container/Proxy.ts +83 -1
- package/tests/Server/lib/container/RateLimit.test.ts +772 -0
package/README.md
CHANGED
|
@@ -44,6 +44,8 @@ AWS Lambda Functionality: Deploy your code as AWS Lambda functions with ease, pr
|
|
|
44
44
|
|
|
45
45
|
Hybrid HTTP Servers: Create hybrid HTTP servers that seamlessly combine serverless and container-based architectures, allowing deployment in various environments.
|
|
46
46
|
|
|
47
|
+
**Rate Limiting:** Built-in support for request rate limiting to prevent API abuse and protect downstream services. Supports both in-memory and Redis-backed stores for distributed deployments.
|
|
48
|
+
|
|
47
49
|
Crypto Utilities: WAPI provides utility classes for cryptographic operations, including encryption and decryption using AWS KMS. Securely manage sensitive data with ease.
|
|
48
50
|
|
|
49
51
|
Email Sending: The Mailer class simplifies sending emails using AWS SES. Send both raw and templated emails with customizable parameters, enhancing communication capabilities.
|
package/dist/index.d.ts
CHANGED
|
@@ -10,14 +10,14 @@ import Crypto from './src/Crypto/Crypto.js';
|
|
|
10
10
|
import JWT from './src/Crypto/JWT.js';
|
|
11
11
|
import * as Database from './src/Database/index.js';
|
|
12
12
|
import Mailer from './src/Mailer/Mailer.js';
|
|
13
|
-
import Router, { Route } from './src/Server/Router.js';
|
|
13
|
+
import Router, { Route, RateLimitConfig, GlobalRateLimitConfig, RouterConfig } from './src/Server/Router.js';
|
|
14
14
|
import AsyncSingleton from './src/Util/AsyncSingleton.js';
|
|
15
15
|
import Utils from './src/Util/Utils.js';
|
|
16
16
|
/**
|
|
17
17
|
* This module exports various classes and utilities for handling transactions, processes, events,
|
|
18
18
|
* DynamoDB transactions, routing, mailing, cryptography, JWT, configuration, Redis, responses,
|
|
19
19
|
* utilities, asynchronous singletons, routes, transaction configurations, response error types,
|
|
20
|
-
* HTTP methods, and
|
|
20
|
+
* HTTP methods, database operations, and rate limiting configurations.
|
|
21
21
|
*
|
|
22
22
|
* Classes:
|
|
23
23
|
* - Transaction
|
|
@@ -35,10 +35,15 @@ import Utils from './src/Util/Utils.js';
|
|
|
35
35
|
* - AsyncSingleton
|
|
36
36
|
* - Route
|
|
37
37
|
* - TransactionConfig
|
|
38
|
+
* - RouterConfig
|
|
38
39
|
* - Database
|
|
39
40
|
*
|
|
41
|
+
* Types:
|
|
42
|
+
* - RateLimitConfig - Route-level rate limiting configuration
|
|
43
|
+
* - GlobalRateLimitConfig - Global rate limiting configuration
|
|
44
|
+
*
|
|
40
45
|
* Enums:
|
|
41
46
|
* - ResponseErrorType
|
|
42
|
-
* -
|
|
47
|
+
* - HttpMethod
|
|
43
48
|
*/
|
|
44
|
-
export { Transaction, Process, EventProcessor, DynamoTransaction, Router, Mailer, Crypto, JWT, Configuration, Redis, Response, Utils, AsyncSingleton, Route, TransactionConfig, ResponseErrorType, HttpMethod, Database, };
|
|
49
|
+
export { Transaction, Process, EventProcessor, DynamoTransaction, Router, Mailer, Crypto, JWT, Configuration, Redis, Response, Utils, AsyncSingleton, Route, TransactionConfig, RouterConfig, RateLimitConfig, GlobalRateLimitConfig, ResponseErrorType, HttpMethod, Database, };
|
package/dist/index.js
CHANGED
|
@@ -17,7 +17,7 @@ import Utils from './src/Util/Utils.js';
|
|
|
17
17
|
* This module exports various classes and utilities for handling transactions, processes, events,
|
|
18
18
|
* DynamoDB transactions, routing, mailing, cryptography, JWT, configuration, Redis, responses,
|
|
19
19
|
* utilities, asynchronous singletons, routes, transaction configurations, response error types,
|
|
20
|
-
* HTTP methods, and
|
|
20
|
+
* HTTP methods, database operations, and rate limiting configurations.
|
|
21
21
|
*
|
|
22
22
|
* Classes:
|
|
23
23
|
* - Transaction
|
|
@@ -35,11 +35,16 @@ import Utils from './src/Util/Utils.js';
|
|
|
35
35
|
* - AsyncSingleton
|
|
36
36
|
* - Route
|
|
37
37
|
* - TransactionConfig
|
|
38
|
+
* - RouterConfig
|
|
38
39
|
* - Database
|
|
39
40
|
*
|
|
41
|
+
* Types:
|
|
42
|
+
* - RateLimitConfig - Route-level rate limiting configuration
|
|
43
|
+
* - GlobalRateLimitConfig - Global rate limiting configuration
|
|
44
|
+
*
|
|
40
45
|
* Enums:
|
|
41
46
|
* - ResponseErrorType
|
|
42
|
-
* -
|
|
47
|
+
* - HttpMethod
|
|
43
48
|
*/
|
|
44
49
|
export {
|
|
45
50
|
// Base Events
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACjD,OAAO,QAA+B,MAAM,uBAAuB,CAAA;AACnE,OAAO,iBAAiB,MAAM,sCAAsC,CAAA;AACpE,OAAO,cAAc,MAAM,mCAAmC,CAAA;AAC9D,OAAO,OAAO,MAAM,4BAA4B,CAAA;AAChD,OAAO,WAAkC,MAAM,gCAAgC,CAAA;AAC/E,OAAO,KAAK,MAAM,sBAAsB,CAAA;AACxC,OAAO,aAAa,MAAM,+BAA+B,CAAA;AACzD,OAAO,MAAM,MAAM,wBAAwB,CAAA;AAC3C,OAAO,GAAG,MAAM,qBAAqB,CAAA;AACrC,OAAO,KAAK,QAAQ,MAAM,yBAAyB,CAAA;AACnD,OAAO,MAAM,MAAM,wBAAwB,CAAA;AAC3C,OAAO,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACjD,OAAO,QAA+B,MAAM,uBAAuB,CAAA;AACnE,OAAO,iBAAiB,MAAM,sCAAsC,CAAA;AACpE,OAAO,cAAc,MAAM,mCAAmC,CAAA;AAC9D,OAAO,OAAO,MAAM,4BAA4B,CAAA;AAChD,OAAO,WAAkC,MAAM,gCAAgC,CAAA;AAC/E,OAAO,KAAK,MAAM,sBAAsB,CAAA;AACxC,OAAO,aAAa,MAAM,+BAA+B,CAAA;AACzD,OAAO,MAAM,MAAM,wBAAwB,CAAA;AAC3C,OAAO,GAAG,MAAM,qBAAqB,CAAA;AACrC,OAAO,KAAK,QAAQ,MAAM,yBAAyB,CAAA;AACnD,OAAO,MAAM,MAAM,wBAAwB,CAAA;AAC3C,OAAO,MAKN,MAAM,wBAAwB,CAAA;AAC/B,OAAO,cAAc,MAAM,8BAA8B,CAAA;AACzD,OAAO,KAAK,MAAM,qBAAqB,CAAA;AAEvC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,OAAO;AACL,cAAc;AACd,WAAW,EACX,OAAO,EACP,cAAc,EACd,iBAAiB,EACjB,MAAM;AACN,iCAAiC;AACjC,MAAM,EACN,MAAM,EACN,GAAG,EACH,aAAa,EACb,KAAK;AACL,MAAM;AACN,QAAQ;AACR,UAAU;AACV,KAAK,EACL,cAAc,EASd,UAAU,EACV,QAAQ,GACT,CAAA"}
|
package/dist/package-lock.json
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@creator.co/wapi",
|
|
3
|
-
"version": "1.8.
|
|
3
|
+
"version": "1.8.5",
|
|
4
4
|
"lockfileVersion": 3,
|
|
5
5
|
"requires": true,
|
|
6
6
|
"packages": {
|
|
7
7
|
"": {
|
|
8
8
|
"name": "@creator.co/wapi",
|
|
9
|
-
"version": "1.8.
|
|
9
|
+
"version": "1.8.5",
|
|
10
10
|
"license": "ISC",
|
|
11
11
|
"dependencies": {
|
|
12
12
|
"@aws-sdk/client-dynamodb": "^3.651.1",
|
|
@@ -27,6 +27,7 @@
|
|
|
27
27
|
"dotenv": "^16.4.1",
|
|
28
28
|
"email-templates": "^12.0.2",
|
|
29
29
|
"express": "^4.22.0",
|
|
30
|
+
"express-rate-limit": "^7.5.0",
|
|
30
31
|
"json-stringify-safe": "^5.0.1",
|
|
31
32
|
"jsonwebtoken": "^9.0.2",
|
|
32
33
|
"knex": "^3.0.1",
|
|
@@ -37,6 +38,7 @@
|
|
|
37
38
|
"parse-duration": "^2.1.3",
|
|
38
39
|
"path-to-regexp": "^8.1.0",
|
|
39
40
|
"pg": "^8.11.3",
|
|
41
|
+
"rate-limit-redis": "^4.2.0",
|
|
40
42
|
"redis": "^4.7.0",
|
|
41
43
|
"sha1": "^1.1.1",
|
|
42
44
|
"stack-trace": "0.0.10",
|
|
@@ -6619,6 +6621,21 @@
|
|
|
6619
6621
|
"url": "https://opencollective.com/express"
|
|
6620
6622
|
}
|
|
6621
6623
|
},
|
|
6624
|
+
"node_modules/express-rate-limit": {
|
|
6625
|
+
"version": "7.5.1",
|
|
6626
|
+
"resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.5.1.tgz",
|
|
6627
|
+
"integrity": "sha512-7iN8iPMDzOMHPUYllBEsQdWVB6fPDMPqwjBaFrgr4Jgr/+okjvzAy+UHlYYL/Vs0OsOrMkwS6PJDkFlJwoxUnw==",
|
|
6628
|
+
"license": "MIT",
|
|
6629
|
+
"engines": {
|
|
6630
|
+
"node": ">= 16"
|
|
6631
|
+
},
|
|
6632
|
+
"funding": {
|
|
6633
|
+
"url": "https://github.com/sponsors/express-rate-limit"
|
|
6634
|
+
},
|
|
6635
|
+
"peerDependencies": {
|
|
6636
|
+
"express": ">= 4.11"
|
|
6637
|
+
}
|
|
6638
|
+
},
|
|
6622
6639
|
"node_modules/express/node_modules/debug": {
|
|
6623
6640
|
"version": "2.6.9",
|
|
6624
6641
|
"resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
|
|
@@ -11080,6 +11097,18 @@
|
|
|
11080
11097
|
"node": ">= 0.6"
|
|
11081
11098
|
}
|
|
11082
11099
|
},
|
|
11100
|
+
"node_modules/rate-limit-redis": {
|
|
11101
|
+
"version": "4.3.1",
|
|
11102
|
+
"resolved": "https://registry.npmjs.org/rate-limit-redis/-/rate-limit-redis-4.3.1.tgz",
|
|
11103
|
+
"integrity": "sha512-+a1zU8+D7L8siDK9jb14refQXz60vq427VuiplgnaLk9B2LnvGe/APLTfhwb4uNIL7eWVknh8GnRp/unCj+lMA==",
|
|
11104
|
+
"license": "MIT",
|
|
11105
|
+
"engines": {
|
|
11106
|
+
"node": ">= 16"
|
|
11107
|
+
},
|
|
11108
|
+
"peerDependencies": {
|
|
11109
|
+
"express-rate-limit": ">= 6"
|
|
11110
|
+
}
|
|
11111
|
+
},
|
|
11083
11112
|
"node_modules/raw-body": {
|
|
11084
11113
|
"version": "2.5.2",
|
|
11085
11114
|
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
|
package/dist/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@creator.co/wapi",
|
|
3
|
-
"version": "1.8.
|
|
3
|
+
"version": "1.8.5",
|
|
4
4
|
"description": "",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -50,7 +50,9 @@
|
|
|
50
50
|
"redis": "^4.7.0",
|
|
51
51
|
"sha1": "^1.1.1",
|
|
52
52
|
"stack-trace": "0.0.10",
|
|
53
|
-
"zod": "^3.23.4"
|
|
53
|
+
"zod": "^3.23.4",
|
|
54
|
+
"express-rate-limit": "^7.5.0",
|
|
55
|
+
"rate-limit-redis": "^4.2.0"
|
|
54
56
|
},
|
|
55
57
|
"devDependencies": {
|
|
56
58
|
"@go-task/cli": "^3.39.0",
|
|
@@ -1,9 +1,48 @@
|
|
|
1
1
|
import { Server as HTTPServer } from 'http';
|
|
2
2
|
import express from 'express';
|
|
3
|
+
import type { RedisClientType } from 'redis';
|
|
3
4
|
import { z } from 'zod';
|
|
4
5
|
import { HttpMethod } from '../API/Request.js';
|
|
5
6
|
import { ResponseErrorType } from '../API/Response.js';
|
|
6
7
|
import Transaction, { TransactionConfig, TransactionExecution, StringMap } from '../BaseEvent/Transaction.js';
|
|
8
|
+
/**
|
|
9
|
+
* Configuration options for rate limiting on a specific route.
|
|
10
|
+
* @property {number} [windowMs] - Time window in milliseconds for rate limiting (default: 60000 - 1 minute)
|
|
11
|
+
* @property {number} [limit] - Maximum number of requests allowed per window (default: 60)
|
|
12
|
+
* @property {string} [message] - Custom error message for rate limit exceeded
|
|
13
|
+
* @property {'ip' | 'userId' | ((req: express.Request) => string)} [keyGenerator] - Strategy for generating rate limit keys
|
|
14
|
+
*/
|
|
15
|
+
export interface RateLimitConfig {
|
|
16
|
+
windowMs?: number;
|
|
17
|
+
limit?: number;
|
|
18
|
+
message?: string;
|
|
19
|
+
keyGenerator?: 'ip' | 'userId' | ((req: express.Request) => string);
|
|
20
|
+
skip?: (req: express.Request) => boolean;
|
|
21
|
+
}
|
|
22
|
+
/**
|
|
23
|
+
* Global rate limiting configuration for the router.
|
|
24
|
+
* @property {boolean} [enabled] - Whether rate limiting is enabled (default: true if config provided)
|
|
25
|
+
* @property {number} [windowMs] - Time window in milliseconds (default: 60000 - 1 minute)
|
|
26
|
+
* @property {number} [limit] - Maximum requests per window per key (default: 60)
|
|
27
|
+
* @property {(req: express.Request) => string} [keyGenerator] - Function to generate rate limit key (default: IP-based)
|
|
28
|
+
* @property {(req: express.Request, res: express.Response) => void} [handler] - Custom handler for rate limit exceeded
|
|
29
|
+
* @property {(req: express.Request) => boolean} [skip] - Function to skip rate limiting for certain requests
|
|
30
|
+
* @property {'memory' | 'redis'} [store] - Storage backend for rate limit data
|
|
31
|
+
* @property {object} [redis] - Redis configuration when using Redis store
|
|
32
|
+
*/
|
|
33
|
+
export interface GlobalRateLimitConfig {
|
|
34
|
+
enabled?: boolean;
|
|
35
|
+
windowMs?: number;
|
|
36
|
+
limit?: number;
|
|
37
|
+
keyGenerator?: (req: express.Request) => string;
|
|
38
|
+
handler?: (req: express.Request, res: express.Response) => void;
|
|
39
|
+
skip?: (req: express.Request) => boolean;
|
|
40
|
+
store?: 'memory' | 'redis';
|
|
41
|
+
redis?: {
|
|
42
|
+
client: RedisClientType;
|
|
43
|
+
prefix?: string;
|
|
44
|
+
};
|
|
45
|
+
}
|
|
7
46
|
/**
|
|
8
47
|
* Represents a route in an API.
|
|
9
48
|
* @template InputType - The type of the input data for the route.
|
|
@@ -64,6 +103,12 @@ export interface Route<InputType = never, OutputType = never, PathParamsType = S
|
|
|
64
103
|
[key: string]: string[] | never[];
|
|
65
104
|
}[];
|
|
66
105
|
};
|
|
106
|
+
/**
|
|
107
|
+
* Optional rate limiting configuration for this specific route.
|
|
108
|
+
* Set to `false` to disable global rate limiting for this route.
|
|
109
|
+
* @type {RateLimitConfig | false}
|
|
110
|
+
*/
|
|
111
|
+
rateLimit?: RateLimitConfig | false;
|
|
67
112
|
}
|
|
68
113
|
export type AnyRoute = Route<any | never, any | never, any | never, any | never>;
|
|
69
114
|
/**
|
|
@@ -115,6 +160,12 @@ export type RouterConfig = TransactionConfig & {
|
|
|
115
160
|
* @type {string | undefined}
|
|
116
161
|
*/
|
|
117
162
|
healthCheckRoute?: string;
|
|
163
|
+
/**
|
|
164
|
+
* Global rate limiting configuration for all routes.
|
|
165
|
+
* Individual routes can override this with their own rateLimit config.
|
|
166
|
+
* @type {GlobalRateLimitConfig | undefined}
|
|
167
|
+
*/
|
|
168
|
+
rateLimit?: GlobalRateLimitConfig;
|
|
118
169
|
containerSetupHook?: (server: HTTPServer, app: express.Express) => Promise<void>;
|
|
119
170
|
};
|
|
120
171
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Router.js","sourceRoot":"","sources":["../../../src/Server/Router.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"Router.js","sourceRoot":"","sources":["../../../src/Server/Router.ts"],"names":[],"mappings":"AAMA,OAAO,eAAe,MAAM,0BAA0B,CAAA;AACtD,OAAO,MAAM,MAAM,iBAAiB,CAAA;AAQpC,OAAO,KAAK,MAAM,kBAAkB,CAAA;AA+LpC;;GAEG;AACH,MAAM,CAAC,OAAO,OAAO,MAAM;IAUzB;;;;OAIG;IACH,YAAY,MAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,CAAA;IACrF,CAAC;IAED;;;OAGG;IACI,SAAS;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IAChC,CAAC;IAED;;;OAGG;IACK,WAAW;QACjB,OAAO,KAAK,CAAC,qBAAqB,EAAE,CAAA;IACtC,CAAC;CACF"}
|
|
@@ -64,4 +64,18 @@ export default class Proxy {
|
|
|
64
64
|
* @returns None
|
|
65
65
|
*/
|
|
66
66
|
private installRoutes;
|
|
67
|
+
/**
|
|
68
|
+
* Creates rate limiting middleware based on the provided configuration.
|
|
69
|
+
* @param {GlobalRateLimitConfig} config - The rate limit configuration
|
|
70
|
+
* @returns {express.RequestHandler} Express middleware for rate limiting
|
|
71
|
+
* @private
|
|
72
|
+
*/
|
|
73
|
+
private createRateLimitMiddleware;
|
|
74
|
+
/**
|
|
75
|
+
* Creates the appropriate store for rate limiting based on configuration.
|
|
76
|
+
* @param {GlobalRateLimitConfig} config - The rate limit configuration
|
|
77
|
+
* @returns {RedisStore | undefined} Redis store if configured, undefined for in-memory
|
|
78
|
+
* @private
|
|
79
|
+
*/
|
|
80
|
+
private createRateLimitStore;
|
|
67
81
|
}
|
|
@@ -11,6 +11,8 @@ import fs from 'fs';
|
|
|
11
11
|
import { createServer } from 'http';
|
|
12
12
|
import cors from 'cors';
|
|
13
13
|
import express from 'express';
|
|
14
|
+
import { rateLimit } from 'express-rate-limit';
|
|
15
|
+
import { RedisStore } from 'rate-limit-redis';
|
|
14
16
|
import GenericHandler from './GenericHandler.js';
|
|
15
17
|
import HealthHandler from './HealthHandler.js';
|
|
16
18
|
import Globals from '../../../Globals.js';
|
|
@@ -47,6 +49,12 @@ export default class Proxy {
|
|
|
47
49
|
credentials: !!corsConfig.allowCredentials,
|
|
48
50
|
}
|
|
49
51
|
: {}));
|
|
52
|
+
// Apply global rate limiting if configured
|
|
53
|
+
if (this.config.rateLimit && this.config.rateLimit.enabled !== false) {
|
|
54
|
+
console.log('[Proxy] - [RATE-LIMIT] - Global rate limiting enabled');
|
|
55
|
+
const rateLimitMiddleware = this.createRateLimitMiddleware(this.config.rateLimit);
|
|
56
|
+
this.app.use(rateLimitMiddleware);
|
|
57
|
+
}
|
|
50
58
|
// //This supposedly fix some 502 codes where nodejs socket would hang during
|
|
51
59
|
// //a request and if behind ALB, it would cause 502 codes. Had experiencied this
|
|
52
60
|
// //and 502 codes reduced dramastically, but still some appearances. Maybe this
|
|
@@ -143,5 +151,67 @@ export default class Proxy {
|
|
|
143
151
|
//load balancer and we just foward everything we have to the function.
|
|
144
152
|
this.app.route(Globals.Listener_HTTP_ProxyRoute).all(GenericHandler(this.serverlessHandler));
|
|
145
153
|
}
|
|
154
|
+
/**
|
|
155
|
+
* Creates rate limiting middleware based on the provided configuration.
|
|
156
|
+
* @param {GlobalRateLimitConfig} config - The rate limit configuration
|
|
157
|
+
* @returns {express.RequestHandler} Express middleware for rate limiting
|
|
158
|
+
* @private
|
|
159
|
+
*/
|
|
160
|
+
createRateLimitMiddleware(config) {
|
|
161
|
+
const store = this.createRateLimitStore(config);
|
|
162
|
+
return rateLimit({
|
|
163
|
+
windowMs: config.windowMs || 60000, // Default: 1 minute
|
|
164
|
+
limit: config.limit || 60, // Default: 60 requests per windowMs
|
|
165
|
+
standardHeaders: true, // Return rate limit info in `RateLimit-*` headers
|
|
166
|
+
legacyHeaders: false, // Disable `X-RateLimit-*` headers
|
|
167
|
+
// Key generator - how to identify unique clients
|
|
168
|
+
keyGenerator: config.keyGenerator ||
|
|
169
|
+
((req) => {
|
|
170
|
+
var _a, _b;
|
|
171
|
+
// Use IP address from proxy-aware sources
|
|
172
|
+
return (req.ip ||
|
|
173
|
+
((_b = (_a = req.headers['x-forwarded-for']) === null || _a === void 0 ? void 0 : _a.split(',')[0]) === null || _b === void 0 ? void 0 : _b.trim()) ||
|
|
174
|
+
req.socket.remoteAddress ||
|
|
175
|
+
'unknown');
|
|
176
|
+
}),
|
|
177
|
+
// Custom handler when rate limit is exceeded
|
|
178
|
+
handler: config.handler ||
|
|
179
|
+
((req, res) => {
|
|
180
|
+
// Log rate limit violation
|
|
181
|
+
console.warn('[Proxy] - [RATE-LIMIT] - Limit exceeded', {
|
|
182
|
+
ip: req.ip,
|
|
183
|
+
path: req.path,
|
|
184
|
+
method: req.method,
|
|
185
|
+
timestamp: new Date().toISOString(),
|
|
186
|
+
});
|
|
187
|
+
res.status(429).json({
|
|
188
|
+
error: 'rate_limit_exceeded',
|
|
189
|
+
message: 'Too many requests. Please try again later.',
|
|
190
|
+
});
|
|
191
|
+
}),
|
|
192
|
+
// Skip function - allows bypassing rate limiting for certain requests
|
|
193
|
+
skip: config.skip,
|
|
194
|
+
// Store - use Redis if configured, otherwise in-memory
|
|
195
|
+
store: store,
|
|
196
|
+
});
|
|
197
|
+
}
|
|
198
|
+
/**
|
|
199
|
+
* Creates the appropriate store for rate limiting based on configuration.
|
|
200
|
+
* @param {GlobalRateLimitConfig} config - The rate limit configuration
|
|
201
|
+
* @returns {RedisStore | undefined} Redis store if configured, undefined for in-memory
|
|
202
|
+
* @private
|
|
203
|
+
*/
|
|
204
|
+
createRateLimitStore(config) {
|
|
205
|
+
var _a;
|
|
206
|
+
if (config.store === 'redis' && ((_a = config.redis) === null || _a === void 0 ? void 0 : _a.client)) {
|
|
207
|
+
console.log('[Proxy] - [RATE-LIMIT] - Using Redis store');
|
|
208
|
+
return new RedisStore({
|
|
209
|
+
sendCommand: (...args) => config.redis.client.sendCommand(args),
|
|
210
|
+
prefix: config.redis.prefix || 'wapi:rl:',
|
|
211
|
+
});
|
|
212
|
+
}
|
|
213
|
+
console.log('[Proxy] - [RATE-LIMIT] - Using in-memory store');
|
|
214
|
+
return undefined; // express-rate-limit uses MemoryStore by default
|
|
215
|
+
}
|
|
146
216
|
}
|
|
147
217
|
//# sourceMappingURL=Proxy.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Proxy.js","sourceRoot":"","sources":["../../../../../src/Server/lib/container/Proxy.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,MAAM,IAAI,CAAA;AACnB,OAAO,EAAwB,YAAY,EAAE,MAAM,MAAM,CAAA;AAEzD,OAAO,IAAI,MAAM,MAAM,CAAA;AACvB,OAAO,OAAO,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"Proxy.js","sourceRoot":"","sources":["../../../../../src/Server/lib/container/Proxy.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,MAAM,IAAI,CAAA;AACnB,OAAO,EAAwB,YAAY,EAAE,MAAM,MAAM,CAAA;AAEzD,OAAO,IAAI,MAAM,MAAM,CAAA;AACvB,OAAO,OAAO,MAAM,SAAS,CAAA;AAC7B,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAG7C,OAAO,cAAc,MAAM,qBAAqB,CAAA;AAChD,OAAO,aAAa,MAAM,oBAAoB,CAAA;AAC9C,OAAO,OAAO,MAAM,qBAAqB,CAAA;AACzC,OAAO,KAAK,MAAM,wBAAwB,CAAA;AAG1C,+CAA+C;AAC/C,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAA;AAEtF;;GAEG;AACH,MAAM,CAAC,OAAO,OAAO,KAAK;IA4BxB;;;;;OAKG;IACH,YAAY,MAAoB,EAAE,iBAAkD;QAClF,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAA;QACrB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAA;QAC1C,IAAI,CAAC,GAAG,GAAG,OAAO,EAAE,CAAA;QACpB,iCAAiC;QACjC,IAAI,CAAC,GAAG,CAAC,GAAG,CACV,OAAO,CAAC,IAAI,CAAC;YACX,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG;gBAClB,GAAG,CAAC,SAAS,CAAC,GAAG,GAAG,CAAA;YACtB,CAAC;SACF,CAAC,CACH,CAAA;QACD,oBAAoB;QACpB,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,KAAK,CAAC,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QACrF,IAAI,CAAC,GAAG,CAAC,GAAG,CACV,IAAI,CACF,UAAU;YACR,CAAC,CAAC;gBACE,MAAM,EAAE,UAAU,CAAC,MAAM;gBACzB,cAAc,EAAE,UAAU,CAAC,OAAO;gBAClC,WAAW,EAAE,CAAC,CAAC,UAAU,CAAC,gBAAgB;aAC3C;YACH,CAAC,CAAC,EAAE,CACP,CACF,CAAA;QAED,2CAA2C;QAC3C,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;YACrE,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAA;YACpE,MAAM,mBAAmB,GAAG,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;YACjF,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAA;QACnC,CAAC;QAED,6EAA6E;QAC7E,iFAAiF;QACjF,gFAAgF;QAChF,mFAAmF;QACnF,mBAAmB;QACnB,kDAAkD;QAClD,gDAAgD;IAClD,CAAC;IAED;;;OAGG;IACU,IAAI;;YACf,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;YAC3B,IAAI,CAAC,aAAa,EAAE,CAAA;QACtB,CAAC;KAAA;IAED;;;;OAIG;IACU,MAAM,CAAC,GAAS;;YAC3B,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAC/B,CAAC;KAAA;IAED;;;OAGG;IACW,cAAc;;YAC1B,qDAAqD;YACrD,OAAO,IAAI,OAAO,CAAC,CAAM,OAAO,EAAC,EAAE;gBACjC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,OAAO,CAAC,yBAAyB,CAAA;gBAClE,OAAO,CAAC,GAAG,CAAC,4BAA4B,UAAU,OAAO,IAAI,EAAE,CAAC,CAAA;gBAChE,gBAAgB;gBAChB,IAAI,CAAC,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBACtC,eAAe;gBACf,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,OAAO,CAAC,4BAA4B,CAAC,CAAA;gBACrF,0EAA0E;gBAC1E,8BAA8B;gBAC9B,IAAI,CAAC,QAAQ,CAAC,gBAAgB,GAAG,KAAK,CAAA;gBACtC,IAAI,CAAC,QAAQ,CAAC,cAAc,GAAG,KAAK,CAAA;gBAEpC,yBAAyB;gBACzB,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB;oBAChC,MAAM,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;gBAC/D,eAAe;gBACf,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;oBAC9B,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAA;oBAClC,OAAO,EAAE,CAAA;gBACX,CAAC,CAAC,CAAA;YACJ,CAAC,CAAA,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;;OAIG;IACW,aAAa,CAAC,GAAS;;YACnC,IAAI,IAAI,CAAC,QAAQ;gBAAE,OAAM;YACzB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAA;YACpB,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAA;YACrC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;gBAC3B,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE;oBACzB,MAAM,IAAI,GAAG,GAAG,IAAI,IAAI,CAAA;oBACxB,IAAI,IAAI;wBAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,IAAI,CAAC,CAAA;oBACrD,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAA;oBAClC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;oBAC1B,OAAO,CAAC,IAAI,CAAC,CAAA;gBACf,CAAC,CAAC,CAAA;YACJ,CAAC,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;OAGG;IACK,aAAa;QACnB,+DAA+D;QAC/D,mDAAmD;QACnD,OAAO,CAAC,GAAG,CACT,8BACE,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,OAAO,CAAC,qCAC1C,EAAE,CACH,CAAA;QACD,IAAI,CAAC,GAAG;aACL,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,OAAO,CAAC,qCAAqC,CAAC;aACpF,GAAG,CAAC,aAAa,CAAC,CAAA;QACrB,yFAAyF;QACzF,sFAAsF;QACtF,sEAAsE;QACtE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAA;IAC9F,CAAC;IAED;;;;;OAKG;IACK,yBAAyB,CAAC,MAA6B;QAC7D,MAAM,KAAK,GAAG,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAA;QAE/C,OAAO,SAAS,CAAC;YACf,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,KAAK,EAAE,oBAAoB;YACxD,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE,EAAE,oCAAoC;YAC/D,eAAe,EAAE,IAAI,EAAE,kDAAkD;YACzE,aAAa,EAAE,KAAK,EAAE,kCAAkC;YAExD,iDAAiD;YACjD,YAAY,EACV,MAAM,CAAC,YAAY;gBACnB,CAAC,CAAC,GAAoB,EAAE,EAAE;;oBACxB,0CAA0C;oBAC1C,OAAO,CACJ,GAAG,CAAC,EAAa;yBAClB,MAAA,MAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAY,0CAAE,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,0CAAE,IAAI,EAAE,CAAA;wBACjE,GAAG,CAAC,MAAM,CAAC,aAAa;wBACxB,SAAS,CACV,CAAA;gBACH,CAAC,CAAC;YAEJ,6CAA6C;YAC7C,OAAO,EACL,MAAM,CAAC,OAAO;gBACd,CAAC,CAAC,GAAoB,EAAE,GAAqB,EAAE,EAAE;oBAC/C,2BAA2B;oBAC3B,OAAO,CAAC,IAAI,CAAC,yCAAyC,EAAE;wBACtD,EAAE,EAAE,GAAG,CAAC,EAAE;wBACV,IAAI,EAAE,GAAG,CAAC,IAAI;wBACd,MAAM,EAAE,GAAG,CAAC,MAAM;wBAClB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;qBACpC,CAAC,CAAA;oBAEF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,KAAK,EAAE,qBAAqB;wBAC5B,OAAO,EAAE,4CAA4C;qBACtD,CAAC,CAAA;gBACJ,CAAC,CAAC;YAEJ,sEAAsE;YACtE,IAAI,EAAE,MAAM,CAAC,IAAI;YAEjB,uDAAuD;YACvD,KAAK,EAAE,KAAK;SACb,CAAC,CAAA;IACJ,CAAC;IAED;;;;;OAKG;IACK,oBAAoB,CAAC,MAA6B;;QACxD,IAAI,MAAM,CAAC,KAAK,KAAK,OAAO,KAAI,MAAA,MAAM,CAAC,KAAK,0CAAE,MAAM,CAAA,EAAE,CAAC;YACrD,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAA;YACzD,OAAO,IAAI,UAAU,CAAC;gBACpB,WAAW,EAAE,CAAC,GAAG,IAAc,EAAE,EAAE,CAAC,MAAM,CAAC,KAAM,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC;gBAC1E,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,IAAI,UAAU;aAC1C,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAA;QAC7D,OAAO,SAAS,CAAA,CAAC,iDAAiD;IACpE,CAAC;CACF"}
|
package/index.ts
CHANGED
|
@@ -10,7 +10,12 @@ import Crypto from './src/Crypto/Crypto.js'
|
|
|
10
10
|
import JWT from './src/Crypto/JWT.js'
|
|
11
11
|
import * as Database from './src/Database/index.js'
|
|
12
12
|
import Mailer from './src/Mailer/Mailer.js'
|
|
13
|
-
import Router, {
|
|
13
|
+
import Router, {
|
|
14
|
+
Route,
|
|
15
|
+
RateLimitConfig,
|
|
16
|
+
GlobalRateLimitConfig,
|
|
17
|
+
RouterConfig,
|
|
18
|
+
} from './src/Server/Router.js'
|
|
14
19
|
import AsyncSingleton from './src/Util/AsyncSingleton.js'
|
|
15
20
|
import Utils from './src/Util/Utils.js'
|
|
16
21
|
|
|
@@ -18,7 +23,7 @@ import Utils from './src/Util/Utils.js'
|
|
|
18
23
|
* This module exports various classes and utilities for handling transactions, processes, events,
|
|
19
24
|
* DynamoDB transactions, routing, mailing, cryptography, JWT, configuration, Redis, responses,
|
|
20
25
|
* utilities, asynchronous singletons, routes, transaction configurations, response error types,
|
|
21
|
-
* HTTP methods, and
|
|
26
|
+
* HTTP methods, database operations, and rate limiting configurations.
|
|
22
27
|
*
|
|
23
28
|
* Classes:
|
|
24
29
|
* - Transaction
|
|
@@ -36,11 +41,16 @@ import Utils from './src/Util/Utils.js'
|
|
|
36
41
|
* - AsyncSingleton
|
|
37
42
|
* - Route
|
|
38
43
|
* - TransactionConfig
|
|
44
|
+
* - RouterConfig
|
|
39
45
|
* - Database
|
|
40
46
|
*
|
|
47
|
+
* Types:
|
|
48
|
+
* - RateLimitConfig - Route-level rate limiting configuration
|
|
49
|
+
* - GlobalRateLimitConfig - Global rate limiting configuration
|
|
50
|
+
*
|
|
41
51
|
* Enums:
|
|
42
52
|
* - ResponseErrorType
|
|
43
|
-
* -
|
|
53
|
+
* - HttpMethod
|
|
44
54
|
*/
|
|
45
55
|
export {
|
|
46
56
|
// Base Events
|
|
@@ -62,6 +72,10 @@ export {
|
|
|
62
72
|
AsyncSingleton,
|
|
63
73
|
Route,
|
|
64
74
|
TransactionConfig,
|
|
75
|
+
RouterConfig,
|
|
76
|
+
// Rate Limiting
|
|
77
|
+
RateLimitConfig,
|
|
78
|
+
GlobalRateLimitConfig,
|
|
65
79
|
// Misc types
|
|
66
80
|
ResponseErrorType,
|
|
67
81
|
HttpMethod,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@creator.co/wapi",
|
|
3
|
-
"version": "1.8.
|
|
3
|
+
"version": "1.8.5",
|
|
4
4
|
"description": "",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -50,7 +50,9 @@
|
|
|
50
50
|
"redis": "^4.7.0",
|
|
51
51
|
"sha1": "^1.1.1",
|
|
52
52
|
"stack-trace": "0.0.10",
|
|
53
|
-
"zod": "^3.23.4"
|
|
53
|
+
"zod": "^3.23.4",
|
|
54
|
+
"express-rate-limit": "^7.5.0",
|
|
55
|
+
"rate-limit-redis": "^4.2.0"
|
|
54
56
|
},
|
|
55
57
|
"devDependencies": {
|
|
56
58
|
"@go-task/cli": "^3.39.0",
|
package/src/Server/Router.ts
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { Server as HTTPServer } from 'http'
|
|
2
2
|
|
|
3
3
|
import express from 'express'
|
|
4
|
+
import type { RedisClientType } from 'redis'
|
|
4
5
|
import { z } from 'zod'
|
|
5
6
|
|
|
6
7
|
import ContainerServer from './lib/ContainerServer.js'
|
|
@@ -14,6 +15,46 @@ import Transaction, {
|
|
|
14
15
|
} from '../BaseEvent/Transaction.js'
|
|
15
16
|
import Utils from '../Util/Utils.js'
|
|
16
17
|
|
|
18
|
+
/**
|
|
19
|
+
* Configuration options for rate limiting on a specific route.
|
|
20
|
+
* @property {number} [windowMs] - Time window in milliseconds for rate limiting (default: 60000 - 1 minute)
|
|
21
|
+
* @property {number} [limit] - Maximum number of requests allowed per window (default: 60)
|
|
22
|
+
* @property {string} [message] - Custom error message for rate limit exceeded
|
|
23
|
+
* @property {'ip' | 'userId' | ((req: express.Request) => string)} [keyGenerator] - Strategy for generating rate limit keys
|
|
24
|
+
*/
|
|
25
|
+
export interface RateLimitConfig {
|
|
26
|
+
windowMs?: number
|
|
27
|
+
limit?: number
|
|
28
|
+
message?: string
|
|
29
|
+
keyGenerator?: 'ip' | 'userId' | ((req: express.Request) => string)
|
|
30
|
+
skip?: (req: express.Request) => boolean
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
/**
|
|
34
|
+
* Global rate limiting configuration for the router.
|
|
35
|
+
* @property {boolean} [enabled] - Whether rate limiting is enabled (default: true if config provided)
|
|
36
|
+
* @property {number} [windowMs] - Time window in milliseconds (default: 60000 - 1 minute)
|
|
37
|
+
* @property {number} [limit] - Maximum requests per window per key (default: 60)
|
|
38
|
+
* @property {(req: express.Request) => string} [keyGenerator] - Function to generate rate limit key (default: IP-based)
|
|
39
|
+
* @property {(req: express.Request, res: express.Response) => void} [handler] - Custom handler for rate limit exceeded
|
|
40
|
+
* @property {(req: express.Request) => boolean} [skip] - Function to skip rate limiting for certain requests
|
|
41
|
+
* @property {'memory' | 'redis'} [store] - Storage backend for rate limit data
|
|
42
|
+
* @property {object} [redis] - Redis configuration when using Redis store
|
|
43
|
+
*/
|
|
44
|
+
export interface GlobalRateLimitConfig {
|
|
45
|
+
enabled?: boolean
|
|
46
|
+
windowMs?: number
|
|
47
|
+
limit?: number
|
|
48
|
+
keyGenerator?: (req: express.Request) => string
|
|
49
|
+
handler?: (req: express.Request, res: express.Response) => void
|
|
50
|
+
skip?: (req: express.Request) => boolean
|
|
51
|
+
store?: 'memory' | 'redis'
|
|
52
|
+
redis?: {
|
|
53
|
+
client: RedisClientType
|
|
54
|
+
prefix?: string
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
|
|
17
58
|
/**
|
|
18
59
|
* Represents a route in an API.
|
|
19
60
|
* @template InputType - The type of the input data for the route.
|
|
@@ -94,6 +135,13 @@ export interface Route<
|
|
|
94
135
|
[key: string]: string[] | never[]
|
|
95
136
|
}[]
|
|
96
137
|
}
|
|
138
|
+
|
|
139
|
+
/**
|
|
140
|
+
* Optional rate limiting configuration for this specific route.
|
|
141
|
+
* Set to `false` to disable global rate limiting for this route.
|
|
142
|
+
* @type {RateLimitConfig | false}
|
|
143
|
+
*/
|
|
144
|
+
rateLimit?: RateLimitConfig | false
|
|
97
145
|
}
|
|
98
146
|
|
|
99
147
|
export type AnyRoute = Route<any | never, any | never, any | never, any | never>
|
|
@@ -147,6 +195,12 @@ export type RouterConfig = TransactionConfig & {
|
|
|
147
195
|
* @type {string | undefined}
|
|
148
196
|
*/
|
|
149
197
|
healthCheckRoute?: string
|
|
198
|
+
/**
|
|
199
|
+
* Global rate limiting configuration for all routes.
|
|
200
|
+
* Individual routes can override this with their own rateLimit config.
|
|
201
|
+
* @type {GlobalRateLimitConfig | undefined}
|
|
202
|
+
*/
|
|
203
|
+
rateLimit?: GlobalRateLimitConfig
|
|
150
204
|
containerSetupHook?: (server: HTTPServer, app: express.Express) => Promise<void>
|
|
151
205
|
}
|
|
152
206
|
|
|
@@ -3,13 +3,15 @@ import { Server as HTTPServer, createServer } from 'http'
|
|
|
3
3
|
|
|
4
4
|
import cors from 'cors'
|
|
5
5
|
import express from 'express'
|
|
6
|
+
import { rateLimit } from 'express-rate-limit'
|
|
7
|
+
import { RedisStore } from 'rate-limit-redis'
|
|
6
8
|
|
|
7
9
|
import Server from './../Server.js'
|
|
8
10
|
import GenericHandler from './GenericHandler.js'
|
|
9
11
|
import HealthHandler from './HealthHandler.js'
|
|
10
12
|
import Globals from '../../../Globals.js'
|
|
11
13
|
import Utils from '../../../Util/Utils.js'
|
|
12
|
-
import { RouterConfig } from '../../Router.js'
|
|
14
|
+
import { GlobalRateLimitConfig, RouterConfig } from '../../Router.js'
|
|
13
15
|
|
|
14
16
|
/* Get package.json version from Wapi on ESM */
|
|
15
17
|
const { version: appVersion } = JSON.parse(fs.readFileSync('package.json').toString())
|
|
@@ -78,6 +80,13 @@ export default class Proxy {
|
|
|
78
80
|
)
|
|
79
81
|
)
|
|
80
82
|
|
|
83
|
+
// Apply global rate limiting if configured
|
|
84
|
+
if (this.config.rateLimit && this.config.rateLimit.enabled !== false) {
|
|
85
|
+
console.log('[Proxy] - [RATE-LIMIT] - Global rate limiting enabled')
|
|
86
|
+
const rateLimitMiddleware = this.createRateLimitMiddleware(this.config.rateLimit)
|
|
87
|
+
this.app.use(rateLimitMiddleware)
|
|
88
|
+
}
|
|
89
|
+
|
|
81
90
|
// //This supposedly fix some 502 codes where nodejs socket would hang during
|
|
82
91
|
// //a request and if behind ALB, it would cause 502 codes. Had experiencied this
|
|
83
92
|
// //and 502 codes reduced dramastically, but still some appearances. Maybe this
|
|
@@ -174,4 +183,77 @@ export default class Proxy {
|
|
|
174
183
|
//load balancer and we just foward everything we have to the function.
|
|
175
184
|
this.app.route(Globals.Listener_HTTP_ProxyRoute).all(GenericHandler(this.serverlessHandler))
|
|
176
185
|
}
|
|
186
|
+
|
|
187
|
+
/**
|
|
188
|
+
* Creates rate limiting middleware based on the provided configuration.
|
|
189
|
+
* @param {GlobalRateLimitConfig} config - The rate limit configuration
|
|
190
|
+
* @returns {express.RequestHandler} Express middleware for rate limiting
|
|
191
|
+
* @private
|
|
192
|
+
*/
|
|
193
|
+
private createRateLimitMiddleware(config: GlobalRateLimitConfig): express.RequestHandler {
|
|
194
|
+
const store = this.createRateLimitStore(config)
|
|
195
|
+
|
|
196
|
+
return rateLimit({
|
|
197
|
+
windowMs: config.windowMs || 60000, // Default: 1 minute
|
|
198
|
+
limit: config.limit || 60, // Default: 60 requests per windowMs
|
|
199
|
+
standardHeaders: true, // Return rate limit info in `RateLimit-*` headers
|
|
200
|
+
legacyHeaders: false, // Disable `X-RateLimit-*` headers
|
|
201
|
+
|
|
202
|
+
// Key generator - how to identify unique clients
|
|
203
|
+
keyGenerator:
|
|
204
|
+
config.keyGenerator ||
|
|
205
|
+
((req: express.Request) => {
|
|
206
|
+
// Use IP address from proxy-aware sources
|
|
207
|
+
return (
|
|
208
|
+
(req.ip as string) ||
|
|
209
|
+
(req.headers['x-forwarded-for'] as string)?.split(',')[0]?.trim() ||
|
|
210
|
+
req.socket.remoteAddress ||
|
|
211
|
+
'unknown'
|
|
212
|
+
)
|
|
213
|
+
}),
|
|
214
|
+
|
|
215
|
+
// Custom handler when rate limit is exceeded
|
|
216
|
+
handler:
|
|
217
|
+
config.handler ||
|
|
218
|
+
((req: express.Request, res: express.Response) => {
|
|
219
|
+
// Log rate limit violation
|
|
220
|
+
console.warn('[Proxy] - [RATE-LIMIT] - Limit exceeded', {
|
|
221
|
+
ip: req.ip,
|
|
222
|
+
path: req.path,
|
|
223
|
+
method: req.method,
|
|
224
|
+
timestamp: new Date().toISOString(),
|
|
225
|
+
})
|
|
226
|
+
|
|
227
|
+
res.status(429).json({
|
|
228
|
+
error: 'rate_limit_exceeded',
|
|
229
|
+
message: 'Too many requests. Please try again later.',
|
|
230
|
+
})
|
|
231
|
+
}),
|
|
232
|
+
|
|
233
|
+
// Skip function - allows bypassing rate limiting for certain requests
|
|
234
|
+
skip: config.skip,
|
|
235
|
+
|
|
236
|
+
// Store - use Redis if configured, otherwise in-memory
|
|
237
|
+
store: store,
|
|
238
|
+
})
|
|
239
|
+
}
|
|
240
|
+
|
|
241
|
+
/**
|
|
242
|
+
* Creates the appropriate store for rate limiting based on configuration.
|
|
243
|
+
* @param {GlobalRateLimitConfig} config - The rate limit configuration
|
|
244
|
+
* @returns {RedisStore | undefined} Redis store if configured, undefined for in-memory
|
|
245
|
+
* @private
|
|
246
|
+
*/
|
|
247
|
+
private createRateLimitStore(config: GlobalRateLimitConfig): any {
|
|
248
|
+
if (config.store === 'redis' && config.redis?.client) {
|
|
249
|
+
console.log('[Proxy] - [RATE-LIMIT] - Using Redis store')
|
|
250
|
+
return new RedisStore({
|
|
251
|
+
sendCommand: (...args: string[]) => config.redis!.client.sendCommand(args),
|
|
252
|
+
prefix: config.redis.prefix || 'wapi:rl:',
|
|
253
|
+
})
|
|
254
|
+
}
|
|
255
|
+
|
|
256
|
+
console.log('[Proxy] - [RATE-LIMIT] - Using in-memory store')
|
|
257
|
+
return undefined // express-rate-limit uses MemoryStore by default
|
|
258
|
+
}
|
|
177
259
|
}
|