npm - @harshror77/rate-limiter-sdk - Versions diffs - 1.0.0 - Mend

@harshror77/rate-limiter-sdk 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +36 -0
package/package.json +9 -0
package/src/RateLimiterClient.js +26 -0
package/src/RateLimiterMiddleware.js +29 -0
package/src/index.js +2 -0

package/README.md ADDED Viewed

@@ -0,0 +1,36 @@
+# @rate-limiter/sdk
+Client and Express middleware for the Rate Limiter as a Service.
+## Usage
+```javascript
+import { RateLimiterMiddleware } from '@rate-limiter/sdk';
+app.use(RateLimiterMiddleware({
+  serviceUrl: 'http://localhost:3000',
+  apiKey: 'your-service-api-key',
+}));
+```
+Every route registered after this middleware is automatically rate limited. If the limit is exceeded, the middleware responds with `429` and an `X-RateLimit-Remaining` header — your route handler never runs.
+## Using the client directly
+For non-Express use cases, or to check a limit without blocking a route:
+```javascript
+import { RateLimiterClient } from '@rate-limiter/sdk';
+const client = new RateLimiterClient({
+  serviceUrl: 'http://localhost:3000',
+  apiKey: 'your-service-api-key',
+});
+const result = await client.check({ ip: '1.2.3.4', userId: 'abc123' });
+console.log(result.allowed, result.remaining);
+```
+## Behavior when the rate limiter service is unreachable
+The middleware fails open — if the rate limiter service itself is down or unreachable, requests are allowed through rather than blocking your entire app. This is a deliberate trade-off: an unrelated service outage shouldn't take down everything that depends on it.

package/package.json ADDED Viewed

@@ -0,0 +1,9 @@
+{
+  "name": "@harshror77/rate-limiter-sdk",
+  "version": "1.0.0",
+  "type": "module",
+  "main": "src/index.js",
+  "dependencies": {
+    "axios": "^1.6.0"
+  }
+}

package/src/RateLimiterClient.js ADDED Viewed

@@ -0,0 +1,26 @@
+import axios from 'axios';
+export class RateLimiterClient{
+    constructor({serviceUrl, apiKey, timeout=3000}){
+        this.serviceUrl = serviceUrl;
+        this.apiKey = apiKey;
+        this.http = axios.create({
+            baseURL:serviceUrl,
+            timeout
+        });
+    }
+    async check(request={}){
+        try{
+            const response = await this.http.post('/api/check', request,{
+                headers:{'x-api-key':this.apiKey},
+            })
+            return response.data;
+        }catch(err){
+            if(err.response){
+                return err.response.data;
+            }
+            throw err;
+        }
+    }
+}

package/src/RateLimiterMiddleware.js ADDED Viewed

@@ -0,0 +1,29 @@
+import { RateLimiterClient } from './RateLimiterClient.js';
+export function RateLimiterMiddleware({ serviceUrl, apiKey, timeout }) {
+  const client = new RateLimiterClient({ serviceUrl, apiKey, timeout });
+  return async function (req, res, next) {
+    try {
+      const result = await client.check({
+        ip: req.ip,
+        userId: req.userId,
+      });
+      if (!result.allowed) {
+        res.setHeader('X-RateLimit-Remaining', result.remaining ?? 0);
+        return res.status(429).json({
+          error: 'Rate limit exceeded',
+          deniedBy: result.deniedBy,
+          remaining: result.remaining,
+          resetAt: result.resetAt,
+        });
+      }
+      res.setHeader('X-RateLimit-Remaining', result.remaining ?? 0);
+      next();
+    } catch (err) {
+      next();
+    }
+  };
+}

package/src/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { RateLimiterClient } from './RateLimiterClient.js';
2	+ export { RateLimiterMiddleware } from './RateLimiterMiddleware.js';