@joint-ops/hitlimit 1.0.3 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +15 -8
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -32,9 +32,9 @@ hitlimit is designed for speed. Here's how it performs:
|
|
|
32
32
|
|
|
33
33
|
| Store | Operations/sec | Avg Latency | Use Case |
|
|
34
34
|
|-------|----------------|-------------|----------|
|
|
35
|
-
| **Memory** |
|
|
36
|
-
| **SQLite** |
|
|
37
|
-
| **Redis** |
|
|
35
|
+
| **Memory** | 2,320,000+ | 0.43μs | Single instance, no persistence |
|
|
36
|
+
| **SQLite** | 393,000+ | 2.54μs | Single instance, persistence needed |
|
|
37
|
+
| **Redis** | 6,500+ | 153μs | Multi-instance, distributed |
|
|
38
38
|
|
|
39
39
|
### vs Competitors
|
|
40
40
|
|
|
@@ -44,6 +44,8 @@ hitlimit is designed for speed. Here's how it performs:
|
|
|
44
44
|
| rate-limiter-flexible | 1,630,000 | ~155KB |
|
|
45
45
|
| express-rate-limit | 1,220,000 | ~66KB |
|
|
46
46
|
|
|
47
|
+
> **Note:** Benchmark results vary by hardware and environment. Run your own benchmarks to see results on your specific setup.
|
|
48
|
+
|
|
47
49
|
### HTTP Overhead
|
|
48
50
|
|
|
49
51
|
| Framework | Without Limiter | With hitlimit | Overhead |
|
|
@@ -130,8 +132,12 @@ import { createHitLimit } from '@joint-ops/hitlimit/node'
|
|
|
130
132
|
const limiter = createHitLimit({ limit: 100, window: '1m' })
|
|
131
133
|
|
|
132
134
|
const server = http.createServer(async (req, res) => {
|
|
133
|
-
const result = await limiter(req
|
|
134
|
-
if (!result.allowed)
|
|
135
|
+
const result = await limiter.check(req)
|
|
136
|
+
if (!result.allowed) {
|
|
137
|
+
res.writeHead(429, { 'Content-Type': 'application/json', ...result.headers })
|
|
138
|
+
res.end(JSON.stringify(result.body))
|
|
139
|
+
return
|
|
140
|
+
}
|
|
135
141
|
|
|
136
142
|
res.writeHead(200)
|
|
137
143
|
res.end('Hello!')
|
|
@@ -184,11 +190,12 @@ Rate limit by IP address, user ID, API key, or any custom identifier.
|
|
|
184
190
|
hitlimit({
|
|
185
191
|
key: (req) => {
|
|
186
192
|
// By API key
|
|
187
|
-
|
|
193
|
+
const apiKey = req.headers['x-api-key']
|
|
194
|
+
if (apiKey) return String(apiKey)
|
|
188
195
|
// By user ID
|
|
189
196
|
if (req.user?.id) return `user:${req.user.id}`
|
|
190
197
|
// Fallback to IP
|
|
191
|
-
return req.ip
|
|
198
|
+
return req.ip || 'unknown'
|
|
192
199
|
}
|
|
193
200
|
})
|
|
194
201
|
```
|
|
@@ -216,7 +223,7 @@ hitlimit({
|
|
|
216
223
|
window: '1m', // Time window: 30s, 15m, 1h, 1d (default: '1m')
|
|
217
224
|
|
|
218
225
|
// Custom key extraction
|
|
219
|
-
key: (req) => req.ip,
|
|
226
|
+
key: (req) => req.ip || 'unknown',
|
|
220
227
|
|
|
221
228
|
// Tiered rate limits
|
|
222
229
|
tiers: {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@joint-ops/hitlimit",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.4",
|
|
4
4
|
"description": "Fast rate limiting middleware for Express, NestJS & Node.js - API throttling, brute force protection, request limiting",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Shayan M Hussain",
|
|
@@ -119,7 +119,7 @@
|
|
|
119
119
|
"test:watch": "vitest"
|
|
120
120
|
},
|
|
121
121
|
"dependencies": {
|
|
122
|
-
"@joint-ops/hitlimit-types": "1.0.
|
|
122
|
+
"@joint-ops/hitlimit-types": "1.0.4"
|
|
123
123
|
},
|
|
124
124
|
"peerDependencies": {
|
|
125
125
|
"@nestjs/common": ">=8.0.0",
|