@jsfsi-core/ts-nestjs 1.1.36 → 1.1.38
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +38 -0
- package/dist/index.cjs +23 -23
- package/dist/index.mjs +1251 -1225
- package/dist/ts-nestjs/src/guards/InMemoryRateLimitGuard.d.ts +13 -0
- package/dist/ts-nestjs/src/guards/InMemoryRateLimitGuard.unit.test.d.ts +1 -0
- package/dist/ts-nestjs/src/index.d.ts +1 -0
- package/package.json +6 -6
package/README.md
CHANGED
|
@@ -36,6 +36,8 @@ src/
|
|
|
36
36
|
│ └── AppConfigurationService.ts # Configuration setup
|
|
37
37
|
├── filters/
|
|
38
38
|
│ └── AllExceptionsFilter.ts # Exception handler (edge)
|
|
39
|
+
├── guards/
|
|
40
|
+
│ └── InMemoryRateLimitGuard.ts # In-memory rate limit guard
|
|
39
41
|
├── middlewares/
|
|
40
42
|
│ └── RequestMiddleware.ts # Request logging
|
|
41
43
|
└── validators/
|
|
@@ -248,6 +250,42 @@ Logs include:
|
|
|
248
250
|
- Request/response headers
|
|
249
251
|
- Severity level based on status code
|
|
250
252
|
|
|
253
|
+
### In-Memory Rate Limit Guard
|
|
254
|
+
|
|
255
|
+
`InMemoryRateLimitGuard` limits the number of requests per client (by IP) within a sliding time window. It is in-memory only (no distributed state) and suitable for single-instance APIs or per-node protection.
|
|
256
|
+
|
|
257
|
+
**Options:**
|
|
258
|
+
|
|
259
|
+
- `windowMs`: Time window in milliseconds (e.g. `60000` for 1 minute).
|
|
260
|
+
- `maxRequests`: Maximum number of requests allowed per client within the window.
|
|
261
|
+
|
|
262
|
+
**Behaviour:**
|
|
263
|
+
|
|
264
|
+
- Client identity is derived from the `x-forwarded-for` header (first IP) or `request.ip`, otherwise `'unknown'`.
|
|
265
|
+
- Sliding window: only requests within the last `windowMs` ms count toward the limit.
|
|
266
|
+
- When the limit is exceeded, the guard throws `HttpStatus.TOO_MANY_REQUESTS` (429) and sets the `Retry-After` header (seconds until the oldest request in the window expires).
|
|
267
|
+
- The constructor throws if `windowMs` or `maxRequests` is not positive.
|
|
268
|
+
|
|
269
|
+
**Usage:**
|
|
270
|
+
|
|
271
|
+
```typescript
|
|
272
|
+
import { InMemoryRateLimitGuard, InMemoryRateLimitGuardOptions } from '@jsfsi-core/ts-nestjs';
|
|
273
|
+
import { Controller, Get, UseGuards } from '@nestjs/common';
|
|
274
|
+
|
|
275
|
+
@Controller('api')
|
|
276
|
+
export class ApiController {
|
|
277
|
+
@Get('limited')
|
|
278
|
+
@UseGuards(new InMemoryRateLimitGuard({ windowMs: 60_000, maxRequests: 100 }))
|
|
279
|
+
limited(): { ok: boolean } {
|
|
280
|
+
return { ok: true };
|
|
281
|
+
}
|
|
282
|
+
}
|
|
283
|
+
```
|
|
284
|
+
|
|
285
|
+
For app-wide or config-driven limits, extend `InMemoryRateLimitGuard` in your application and pass options from your configuration (see the template-rest-api README).
|
|
286
|
+
|
|
287
|
+
**Exports:** `InMemoryRateLimitGuard`, `InMemoryRateLimitGuardOptions`.
|
|
288
|
+
|
|
251
289
|
## 📝 Naming Conventions
|
|
252
290
|
|
|
253
291
|
### Controllers
|