@depup/rate-limiter-flexible 9.1.1-depup.0

package/lib/RateLimiterCluster.js

@@ -0,0 +1,367 @@
+/**
+ * Implements rate limiting in cluster using built-in IPC
+ *
+ * Two classes are described here: master and worker
+ * Master have to be create in the master process without any options.
+ * Any number of rate limiters can be created in workers, but each rate limiter must be with unique keyPrefix
+ *
+ * Workflow:
+ * 1. master rate limiter created in master process
+ * 2. worker rate limiter sends 'init' message with necessary options during creating
+ * 3. master receives options and adds new rate limiter by keyPrefix if it isn't created yet
+ * 4. master sends 'init' back to worker's rate limiter
+ * 5. worker can process requests immediately,
+ *    but they will be postponed by 'workerWaitInit' until master sends 'init' to worker
+ * 6. every request to worker rate limiter creates a promise
+ * 7. if master doesn't response for 'timeout', promise is rejected
+ * 8. master sends 'resolve' or 'reject' command to worker
+ * 9. worker resolves or rejects promise depending on message from master
+ *
+ */
+
+const cluster = require('cluster');
+const crypto = require('crypto');
+const RateLimiterAbstract = require('./RateLimiterAbstract');
+const RateLimiterMemory = require('./RateLimiterMemory');
+const RateLimiterRes = require('./RateLimiterRes');
+
+const channel = 'rate_limiter_flexible';
+let masterInstance = null;
+
+const masterSendToWorker = function (worker, msg, type, res) {
+  let data;
+  if (res === null || res === true || res === false) {
+    data = res;
+  } else {
+    data = {
+      remainingPoints: res.remainingPoints,
+      msBeforeNext: res.msBeforeNext,
+      consumedPoints: res.consumedPoints,
+      isFirstInDuration: res.isFirstInDuration,
+    };
+  }
+  worker.send({
+    channel,
+    keyPrefix: msg.keyPrefix, // which rate limiter exactly
+    promiseId: msg.promiseId,
+    type,
+    data,
+  });
+};
+
+const workerWaitInit = function (payload) {
+  setTimeout(() => {
+    if (this._initiated) {
+      process.send(payload);
+      // Promise will be removed by timeout if too long
+    } else if (typeof this._promises[payload.promiseId] !== 'undefined') {
+      workerWaitInit.call(this, payload);
+    }
+  }, 30);
+};
+
+const workerSendToMaster = function (func, promiseId, key, arg, opts) {
+  const payload = {
+    channel,
+    keyPrefix: this.keyPrefix,
+    func,
+    promiseId,
+    data: {
+      key,
+      arg,
+      opts,
+    },
+  };
+
+  if (!this._initiated) {
+    // Wait init before sending messages to master
+    workerWaitInit.call(this, payload);
+  } else {
+    process.send(payload);
+  }
+};
+
+const masterProcessMsg = function (worker, msg) {
+  if (!msg || msg.channel !== channel || typeof this._rateLimiters[msg.keyPrefix] === 'undefined') {
+    return false;
+  }
+
+  let promise;
+
+  switch (msg.func) {
+    case 'consume':
+      promise = this._rateLimiters[msg.keyPrefix].consume(msg.data.key, msg.data.arg, msg.data.opts);
+      break;
+    case 'penalty':
+      promise = this._rateLimiters[msg.keyPrefix].penalty(msg.data.key, msg.data.arg, msg.data.opts);
+      break;
+    case 'reward':
+      promise = this._rateLimiters[msg.keyPrefix].reward(msg.data.key, msg.data.arg, msg.data.opts);
+      break;
+    case 'block':
+      promise = this._rateLimiters[msg.keyPrefix].block(msg.data.key, msg.data.arg, msg.data.opts);
+      break;
+    case 'get':
+      promise = this._rateLimiters[msg.keyPrefix].get(msg.data.key, msg.data.opts);
+      break;
+    case 'delete':
+      promise = this._rateLimiters[msg.keyPrefix].delete(msg.data.key, msg.data.opts);
+      break;
+    default:
+      return false;
+  }
+
+  if (promise) {
+    promise
+      .then((res) => {
+        masterSendToWorker(worker, msg, 'resolve', res);
+      })
+      .catch((rejRes) => {
+        masterSendToWorker(worker, msg, 'reject', rejRes);
+      });
+  }
+};
+
+const workerProcessMsg = function (msg) {
+  if (!msg || msg.channel !== channel || msg.keyPrefix !== this.keyPrefix) {
+    return false;
+  }
+
+  if (this._promises[msg.promiseId]) {
+    clearTimeout(this._promises[msg.promiseId].timeoutId);
+    let res;
+    if (msg.data === null || msg.data === true || msg.data === false) {
+      res = msg.data;
+    } else {
+      res = new RateLimiterRes(
+        msg.data.remainingPoints,
+        msg.data.msBeforeNext,
+        msg.data.consumedPoints,
+        msg.data.isFirstInDuration // eslint-disable-line comma-dangle
+      );
+    }
+
+    switch (msg.type) {
+      case 'resolve':
+        this._promises[msg.promiseId].resolve(res);
+        break;
+      case 'reject':
+        this._promises[msg.promiseId].reject(res);
+        break;
+      default:
+        throw new Error(`RateLimiterCluster: no such message type '${msg.type}'`);
+    }
+
+    delete this._promises[msg.promiseId];
+  }
+};
+/**
+ * Prepare options to send to master
+ * Master will create rate limiter depending on options
+ *
+ * @returns {{points: *, duration: *, blockDuration: *, execEvenly: *, execEvenlyMinDelayMs: *, keyPrefix: *}}
+ */
+const getOpts = function () {
+  return {
+    points: this.points,
+    duration: this.duration,
+    blockDuration: this.blockDuration,
+    execEvenly: this.execEvenly,
+    execEvenlyMinDelayMs: this.execEvenlyMinDelayMs,
+    keyPrefix: this.keyPrefix,
+  };
+};
+
+const savePromise = function (resolve, reject) {
+  const hrtime = process.hrtime();
+  let promiseId = hrtime[0].toString() + hrtime[1].toString();
+
+  if (typeof this._promises[promiseId] !== 'undefined') {
+    promiseId += crypto.randomBytes(12).toString('base64');
+  }
+
+  this._promises[promiseId] = {
+    resolve,
+    reject,
+    timeoutId: setTimeout(() => {
+      delete this._promises[promiseId];
+      reject(new Error('RateLimiterCluster timeout: no answer from master in time'));
+    }, this.timeoutMs),
+  };
+
+  return promiseId;
+};
+
+class RateLimiterClusterMaster {
+  constructor() {
+    if (masterInstance) {
+      return masterInstance;
+    }
+
+    this._rateLimiters = {};
+
+    cluster.setMaxListeners(0);
+
+    cluster.on('message', (worker, msg) => {
+      if (msg && msg.channel === channel && msg.type === 'init') {
+        // If init request, check or create rate limiter by key prefix and send 'init' back to worker
+        if (typeof this._rateLimiters[msg.opts.keyPrefix] === 'undefined') {
+          this._rateLimiters[msg.opts.keyPrefix] = new RateLimiterMemory(msg.opts);
+        }
+
+        worker.send({
+          channel,
+          type: 'init',
+          keyPrefix: msg.opts.keyPrefix,
+        });
+      } else {
+        masterProcessMsg.call(this, worker, msg);
+      }
+    });
+
+    masterInstance = this;
+  }
+}
+
+class RateLimiterClusterMasterPM2 {
+  constructor(pm2) {
+    if (masterInstance) {
+      return masterInstance;
+    }
+
+    this._rateLimiters = {};
+
+    pm2.launchBus((err, pm2Bus) => {
+      pm2Bus.on('process:msg', (packet) => {
+        const msg = packet.raw;
+        if (msg && msg.channel === channel && msg.type === 'init') {
+          // If init request, check or create rate limiter by key prefix and send 'init' back to worker
+          if (typeof this._rateLimiters[msg.opts.keyPrefix] === 'undefined') {
+            this._rateLimiters[msg.opts.keyPrefix] = new RateLimiterMemory(msg.opts);
+          }
+
+          pm2.sendDataToProcessId(packet.process.pm_id, {
+            data: {},
+            topic: channel,
+            channel,
+            type: 'init',
+            keyPrefix: msg.opts.keyPrefix,
+          }, (sendErr, res) => {
+            if (sendErr) {
+              console.log(sendErr, res);
+            }
+          });
+        } else {
+          const worker = {
+            send: (msgData) => {
+              const pm2Message = msgData;
+              pm2Message.topic = channel;
+              if (typeof pm2Message.data === 'undefined') {
+                pm2Message.data = {};
+              }
+              pm2.sendDataToProcessId(packet.process.pm_id, pm2Message, (sendErr, res) => {
+                if (sendErr) {
+                  console.log(sendErr, res);
+                }
+              });
+            },
+          };
+          masterProcessMsg.call(this, worker, msg);
+        }
+      });
+    });
+
+    masterInstance = this;
+  }
+}
+
+class RateLimiterClusterWorker extends RateLimiterAbstract {
+  get timeoutMs() {
+    return this._timeoutMs;
+  }
+
+  set timeoutMs(value) {
+    this._timeoutMs = typeof value === 'undefined' ? 5000 : Math.abs(parseInt(value));
+  }
+
+  constructor(opts = {}) {
+    super(opts);
+
+    process.setMaxListeners(0);
+
+    this.timeoutMs = opts.timeoutMs;
+
+    this._initiated = false;
+
+    process.on('message', (msg) => {
+      if (msg && msg.channel === channel && msg.type === 'init' && msg.keyPrefix === this.keyPrefix) {
+        this._initiated = true;
+      } else {
+        workerProcessMsg.call(this, msg);
+      }
+    });
+
+    // Create limiter on master with specific options
+    process.send({
+      channel,
+      type: 'init',
+      opts: getOpts.call(this),
+    });
+
+    this._promises = {};
+  }
+
+  consume(key, pointsToConsume = 1, options = {}) {
+    return new Promise((resolve, reject) => {
+      const promiseId = savePromise.call(this, resolve, reject);
+
+      workerSendToMaster.call(this, 'consume', promiseId, key, pointsToConsume, options);
+    });
+  }
+
+  penalty(key, points = 1, options = {}) {
+    return new Promise((resolve, reject) => {
+      const promiseId = savePromise.call(this, resolve, reject);
+
+      workerSendToMaster.call(this, 'penalty', promiseId, key, points, options);
+    });
+  }
+
+  reward(key, points = 1, options = {}) {
+    return new Promise((resolve, reject) => {
+      const promiseId = savePromise.call(this, resolve, reject);
+
+      workerSendToMaster.call(this, 'reward', promiseId, key, points, options);
+    });
+  }
+
+  block(key, secDuration, options = {}) {
+    return new Promise((resolve, reject) => {
+      const promiseId = savePromise.call(this, resolve, reject);
+
+      workerSendToMaster.call(this, 'block', promiseId, key, secDuration, options);
+    });
+  }
+
+  get(key, options = {}) {
+    return new Promise((resolve, reject) => {
+      const promiseId = savePromise.call(this, resolve, reject);
+
+      workerSendToMaster.call(this, 'get', promiseId, key, options);
+    });
+  }
+
+  delete(key, options = {}) {
+    return new Promise((resolve, reject) => {
+      const promiseId = savePromise.call(this, resolve, reject);
+
+      workerSendToMaster.call(this, 'delete', promiseId, key, options);
+    });
+  }
+}
+
+module.exports = {
+  RateLimiterClusterMaster,
+  RateLimiterClusterMasterPM2,
+  RateLimiterCluster: RateLimiterClusterWorker,
+};

package/lib/RateLimiterDrizzle.js

@@ -0,0 +1,174 @@
+let drizzleOperators = null;
+const CLEANUP_INTERVAL_MS = 300000; // 5 minutes
+const EXPIRED_THRESHOLD_MS = 3600000; // 1 hour
+
+class RateLimiterDrizzleError extends Error {
+  constructor(message) {
+    super(message);
+    this.name = 'RateLimiterDrizzleError';
+  }
+}
+
+async function getDrizzleOperators() {
+  if (drizzleOperators) return drizzleOperators;
+
+  try {
+    // Use dynamic import to prevent static analysis tools from detecting the import
+    function getPackageName() {
+      return ['drizzle', 'orm'].join('-');
+    }
+    const drizzleOrm = await import(`${getPackageName()}`);
+    const { and, or, gt, lt, eq, isNull, sql } = drizzleOrm.default || drizzleOrm;
+    drizzleOperators = { and, or, gt, lt, eq, isNull, sql };
+    return drizzleOperators;
+  } catch (error) {
+    throw new RateLimiterDrizzleError(
+      'drizzle-orm is not installed. Please install drizzle-orm to use RateLimiterDrizzle.'
+    );
+  }
+}
+
+const RateLimiterStoreAbstract = require('./RateLimiterStoreAbstract');
+const RateLimiterRes = require('./RateLimiterRes');
+
+class RateLimiterDrizzle extends RateLimiterStoreAbstract {
+  constructor(opts) {
+    super(opts);
+
+    if (!opts?.schema) {
+      throw new RateLimiterDrizzleError('Drizzle schema is required');
+    }
+
+    if (!opts?.storeClient) {
+      throw new RateLimiterDrizzleError('Drizzle client is required');
+    }
+
+    this.schema = opts.schema;
+    this.drizzleClient = opts.storeClient;
+    this.clearExpiredByTimeout = opts.clearExpiredByTimeout ?? true;
+
+    if (this.clearExpiredByTimeout) {
+      this._clearExpiredHourAgo();
+    }
+  }
+
+  _getRateLimiterRes(rlKey, changedPoints, result) {
+    const res = new RateLimiterRes();
+
+    let doc = result;
+    res.isFirstInDuration = doc.points === changedPoints;
+    res.consumedPoints = doc.points;
+    res.remainingPoints = Math.max(this.points - res.consumedPoints, 0);
+    res.msBeforeNext = doc.expire !== null
+      ? Math.max(new Date(doc.expire).getTime() - Date.now(), 0)
+      : -1;
+
+    return res;
+  }
+
+  async _upsert(key, points, msDuration, forceExpire = false) {
+    if (!this.drizzleClient) {
+      return Promise.reject(new RateLimiterDrizzleError('Drizzle client is not established'))
+    }
+
+    const { eq, sql } = await getDrizzleOperators();
+    const now = new Date();
+    const newExpire = msDuration > 0 ? new Date(now.getTime() + msDuration) : null;
+
+    const query = await this.drizzleClient.transaction(async (tx) => {
+      const [existingRecord] = await tx
+        .select()
+        .from(this.schema)
+        .where(eq(this.schema.key, key))
+        .limit(1);
+
+      const shouldUpdateExpire =
+        forceExpire ||
+        !existingRecord?.expire ||
+        existingRecord?.expire <= now ||
+        newExpire === null;
+
+      const [data] = await tx
+        .insert(this.schema)
+        .values({
+          key,
+          points,
+          expire: newExpire,
+        })
+        .onConflictDoUpdate({
+          target: this.schema.key,
+          set: {
+            points: !shouldUpdateExpire
+              ? sql`${this.schema.points} + ${points}`
+              : points,
+            ...(shouldUpdateExpire && { expire: newExpire }),
+          },
+        })
+        .returning();
+
+      return data;
+    })
+
+    return query
+  }
+
+  async _get(rlKey) {
+    if (!this.drizzleClient) {
+      return Promise.reject(new RateLimiterDrizzleError('Drizzle client is not established'))
+    }
+
+    const { and, or, gt, eq, isNull } = await getDrizzleOperators();
+
+    const [response] = await this.drizzleClient
+      .select()
+      .from(this.schema)
+      .where(
+        and(
+          eq(this.schema.key, rlKey),
+          or(gt(this.schema.expire, new Date()), isNull(this.schema.expire))
+        )
+      )
+      .limit(1);
+
+    return response || null;
+
+  }
+
+  async _delete(rlKey) {
+    if (!this.drizzleClient) {
+      return Promise.reject(new RateLimiterDrizzleError('Drizzle client is not established'))
+    }
+
+    const { eq } = await getDrizzleOperators();
+
+    const [result] = await this.drizzleClient
+      .delete(this.schema)
+      .where(eq(this.schema.key, rlKey))
+      .returning({ key: this.schema.key });
+
+    return !!result?.key
+  }
+
+  _clearExpiredHourAgo() {
+    if (this._clearExpiredTimeoutId) {
+      clearTimeout(this._clearExpiredTimeoutId);
+    }
+
+    this._clearExpiredTimeoutId = setTimeout(async () => {
+      try {
+        const { lt } = await getDrizzleOperators();
+        await this.drizzleClient
+          .delete(this.schema)
+          .where(lt(this.schema.expire, new Date(Date.now() - EXPIRED_THRESHOLD_MS)));
+      } catch (error) {
+        console.warn('Failed to clear expired records:', error);
+      }
+
+      this._clearExpiredHourAgo();
+    }, CLEANUP_INTERVAL_MS);
+
+    this._clearExpiredTimeoutId.unref();
+  }
+}
+
+module.exports = RateLimiterDrizzle;

package/lib/RateLimiterDrizzleNonAtomic.js

@@ -0,0 +1,175 @@
+let drizzleOperators = null;
+const CLEANUP_INTERVAL_MS = 300000; // 5 minutes
+const EXPIRED_THRESHOLD_MS = 3600000; // 1 hour
+
+class RateLimiterDrizzleError extends Error {
+  constructor(message) {
+    super(message);
+    this.name = 'RateLimiterDrizzleError';
+  }
+}
+
+async function getDrizzleOperators() {
+  if (drizzleOperators) return drizzleOperators;
+
+  try {
+    // Use dynamic import to prevent static analysis tools from detecting the import
+    function getPackageName() {
+      return ['drizzle', 'orm'].join('-');
+    }
+    const drizzleOrm = await import(`${getPackageName()}`);
+    const { and, or, gt, lt, eq, isNull, sql } = drizzleOrm.default || drizzleOrm;
+    drizzleOperators = { and, or, gt, lt, eq, isNull, sql };
+    return drizzleOperators;
+  } catch (error) {
+    throw new RateLimiterDrizzleError(
+      'drizzle-orm is not installed. Please install drizzle-orm to use RateLimiterDrizzleNonAtomic.'
+    );
+  }
+}
+
+const RateLimiterStoreAbstract = require('./RateLimiterStoreAbstract');
+const RateLimiterRes = require('./RateLimiterRes');
+
+class RateLimiterDrizzleNonAtomic extends RateLimiterStoreAbstract {
+  constructor(opts) {
+    super(opts);
+
+    if (!opts?.schema) {
+      throw new RateLimiterDrizzleError('Drizzle schema is required');
+    }
+
+    if (!opts?.storeClient) {
+      throw new RateLimiterDrizzleError('Drizzle client is required');
+    }
+
+    this.schema = opts.schema;
+    this.drizzleClient = opts.storeClient;
+    this.clearExpiredByTimeout = opts.clearExpiredByTimeout ?? true;
+
+    if (this.clearExpiredByTimeout) {
+      this._clearExpiredHourAgo();
+    }
+  }
+
+  _getRateLimiterRes(rlKey, changedPoints, result) {
+    const res = new RateLimiterRes();
+
+    let doc = result;
+    res.isFirstInDuration = doc.points === changedPoints;
+    res.consumedPoints = doc.points;
+    res.remainingPoints = Math.max(this.points - res.consumedPoints, 0);
+    res.msBeforeNext = doc.expire !== null
+      ? Math.max(new Date(doc.expire).getTime() - Date.now(), 0)
+      : -1;
+
+    return res;
+  }
+
+  async _upsert(key, points, msDuration, forceExpire = false) {
+    if (!this.drizzleClient) {
+      return Promise.reject(new RateLimiterDrizzleError('Drizzle client is not established'));
+    }
+
+    const { eq } = await getDrizzleOperators();
+    const now = new Date();
+    const newExpire = msDuration > 0 ? new Date(now.getTime() + msDuration) : null;
+
+    const [existingRecord] = await this.drizzleClient
+      .select()
+      .from(this.schema)
+      .where(eq(this.schema.key, key))
+      .limit(1);
+
+    const shouldUpdateExpire =
+      forceExpire ||
+      !existingRecord ||
+      !existingRecord.expire ||
+      existingRecord.expire <= now ||
+      newExpire === null;
+
+    let newPoints;
+    if (existingRecord && !shouldUpdateExpire) {
+      newPoints = existingRecord.points + points;
+    } else {
+      newPoints = points;
+    }
+
+    const [data] = await this.drizzleClient
+      .insert(this.schema)
+      .values({
+        key,
+        points: newPoints,
+        expire: newExpire,
+      })
+      .onConflictDoUpdate({
+        target: this.schema.key,
+        set: {
+          points: newPoints,
+          ...(shouldUpdateExpire && { expire: newExpire }),
+        },
+      })
+      .returning();
+
+    return data;
+  }
+
+  async _get(rlKey) {
+    if (!this.drizzleClient) {
+      return Promise.reject(new RateLimiterDrizzleError('Drizzle client is not established'));
+    }
+
+    const { and, or, gt, eq, isNull } = await getDrizzleOperators();
+
+    const [response] = await this.drizzleClient
+      .select()
+      .from(this.schema)
+      .where(
+        and(
+          eq(this.schema.key, rlKey),
+          or(gt(this.schema.expire, new Date()), isNull(this.schema.expire))
+        )
+      )
+      .limit(1);
+
+    return response || null;
+  }
+
+  async _delete(rlKey) {
+    if (!this.drizzleClient) {
+      return Promise.reject(new RateLimiterDrizzleError('Drizzle client is not established'));
+    }
+
+    const { eq } = await getDrizzleOperators();
+
+    const [result] = await this.drizzleClient
+      .delete(this.schema)
+      .where(eq(this.schema.key, rlKey))
+      .returning({ key: this.schema.key });
+
+    return !!(result && result.key);
+  }
+
+  _clearExpiredHourAgo() {
+    if (this._clearExpiredTimeoutId) {
+      clearTimeout(this._clearExpiredTimeoutId);
+    }
+
+    this._clearExpiredTimeoutId = setTimeout(async () => {
+      try {
+        const { lt } = await getDrizzleOperators();
+        await this.drizzleClient
+          .delete(this.schema)
+          .where(lt(this.schema.expire, new Date(Date.now() - EXPIRED_THRESHOLD_MS)));
+      } catch (error) {
+        console.warn('Failed to clear expired records:', error);
+      }
+
+      this._clearExpiredHourAgo();
+    }, CLEANUP_INTERVAL_MS);
+
+    this._clearExpiredTimeoutId.unref();
+  }
+}
+
+module.exports = RateLimiterDrizzleNonAtomic;