express-rate-limit 6.6.0 → 6.7.1

package/changelog.md

@@ -6,21 +6,66 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to
 [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [6.5.0](https://github.com/nfriedly/express-rate-limit/releases/tag/v6.5.0)
+## [6.7.1](https://github.com/express-rate-limit/express-rate-limit/releases/tag/v6.7.1)
 
-## Changed
+### Fixed
+
+- Fixed compatibility with TypeScript's TypeScript new `node16` module
+  resolution strategy (See
+  [#355](https://github.com/express-rate-limit/express-rate-limit/issues/355))
+
+### Changed
+
+- Bumped development dependencies.
+- Added `node` 20 to list of versions the CI jobs run on.
+
+No functional changes.
+
+## [6.7.0](https://github.com/express-rate-limit/express-rate-limit/releases/tag/v6.7.0)
+
+### Changed
+
+- Updated links to point to the new `express-rate-limit` organization on GitHub.
+- Added advertisement to `readme.md` for project sponsor
+  [Zuplo](https://zuplo.link/express-rate-limit).
+- Updated to `typescript` version 5 and bumped other dependencies.
+- Dropped `node` 12, and added `node` 19 to the list of versions the CI jobs run
+  on.
+
+No functional changes.
+
+## [6.6.0](https://github.com/nfriedly/express-rate-limit/releases/tag/v6.6.0)
+
+### Added
+
+- Added `shutdown` method to the Store interface and the MemoryStore.
+
+## [6.5.2](https://github.com/nfriedly/express-rate-limit/releases/tag/v6.5.2)
+
+### Fixed
+
+- Fixed an issue with missing types in ESM monorepos.
+
+## [6.5.1](https://github.com/nfriedly/express-rate-limit/releases/tag/v6.5.1)
+
+### Added
 
 - The message option can now be a (sync/asynx) function that returns a value
   (#311)
+
+### Changed
+
 - Updated all dependencies
 
+Note: 6.5.0 was not released due to CI automation issues.
+
 ## [6.4.0](https://github.com/nfriedly/express-rate-limit/releases/tag/v6.3.0)
 
 ### Added
 
 - Adds Express 5 (`5.0.0-beta.1`) as a supported peer dependency (#304)
 
-## Changed
+### Changed
 
 - Tests are now run on Node 12, 14, 16 and 18 on CI (#305)
 - Updated all development dependencies (#306)

package/dist/index.cjs

@@ -3,6 +3,7 @@ var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
@@ -16,6 +17,10 @@ var __copyProps = (to, from, except, desc) => {
   return to;
 };
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __publicField = (obj, key, value) => {
+  __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
+  return value;
+};
 
 // source/index.ts
 var source_exports = {};
@@ -28,11 +33,34 @@ module.exports = __toCommonJS(source_exports);
 
 // source/memory-store.ts
 var calculateNextResetTime = (windowMs) => {
-  const resetTime = new Date();
+  const resetTime = /* @__PURE__ */ new Date();
   resetTime.setMilliseconds(resetTime.getMilliseconds() + windowMs);
   return resetTime;
 };
 var MemoryStore = class {
+  constructor() {
+    /**
+     * The duration of time before which all hit counts are reset (in milliseconds).
+     */
+    __publicField(this, "windowMs");
+    /**
+     * The map that stores the number of hits for each client in memory.
+     */
+    __publicField(this, "hits");
+    /**
+     * The time at which all hit counts will be reset.
+     */
+    __publicField(this, "resetTime");
+    /**
+     * Reference to the active timer.
+     */
+    __publicField(this, "interval");
+  }
+  /**
+   * Method that initializes the store.
+   *
+   * @param options {Options} - The options used to setup the middleware.
+   */
   init(options) {
     this.windowMs = options.windowMs;
     this.resetTime = calculateNextResetTime(this.windowMs);
@@ -43,6 +71,15 @@ var MemoryStore = class {
     if (this.interval.unref)
       this.interval.unref();
   }
+  /**
+   * Method to increment a client's hit counter.
+   *
+   * @param key {string} - The identifier for a client.
+   *
+   * @returns {IncrementResponse} - The number of hits and reset time for that client.
+   *
+   * @public
+   */
   async increment(key) {
     var _a;
     const totalHits = ((_a = this.hits[key]) != null ? _a : 0) + 1;
@@ -52,25 +89,54 @@ var MemoryStore = class {
       resetTime: this.resetTime
     };
   }
+  /**
+   * Method to decrement a client's hit counter.
+   *
+   * @param key {string} - The identifier for a client.
+   *
+   * @public
+   */
   async decrement(key) {
     const current = this.hits[key];
     if (current)
       this.hits[key] = current - 1;
   }
+  /**
+   * Method to reset a client's hit counter.
+   *
+   * @param key {string} - The identifier for a client.
+   *
+   * @public
+   */
   async resetKey(key) {
     delete this.hits[key];
   }
+  /**
+   * Method to reset everyone's hit counter.
+   *
+   * @public
+   */
   async resetAll() {
     this.hits = {};
     this.resetTime = calculateNextResetTime(this.windowMs);
   }
+  /**
+   * Method to stop the timer (if currently running) and prevent any memory
+   * leaks.
+   *
+   * @public
+   */
   shutdown() {
     clearInterval(this.interval);
   }
 };
 
 // source/lib.ts
-var isLegacyStore = (store) => typeof store.incr === "function" && typeof store.increment !== "function";
+var isLegacyStore = (store) => (
+  // Check that `incr` exists but `increment` does not - store authors might want
+  // to keep both around for backwards compatibility.
+  typeof store.incr === "function" && typeof store.increment !== "function"
+);
 var promisifyStore = (passedStore) => {
   if (!isLegacyStore(passedStore)) {
     return passedStore;
@@ -79,11 +145,14 @@ var promisifyStore = (passedStore) => {
   class PromisifiedStore {
     async increment(key) {
       return new Promise((resolve, reject) => {
-        legacyStore.incr(key, (error, totalHits, resetTime) => {
-          if (error)
-            reject(error);
-          resolve({ totalHits, resetTime });
-        });
+        legacyStore.incr(
+          key,
+          (error, totalHits, resetTime) => {
+            if (error)
+              reject(error);
+            resolve({ totalHits, resetTime });
+          }
+        );
       });
     }
     async decrement(key) {
@@ -116,24 +185,34 @@ var parseOptions = (passedOptions) => {
     skip: (_request, _response) => false,
     keyGenerator(request, _response) {
       if (!request.ip) {
-        console.error("WARN | `express-rate-limit` | `request.ip` is undefined. You can avoid this by providing a custom `keyGenerator` function, but it may be indicative of a larger issue.");
+        console.error(
+          "WARN | `express-rate-limit` | `request.ip` is undefined. You can avoid this by providing a custom `keyGenerator` function, but it may be indicative of a larger issue."
+        );
       }
       return request.ip;
     },
     async handler(request, response, _next, _optionsUsed) {
       response.status(config.statusCode);
-      const message = typeof config.message === "function" ? await config.message(request, response) : config.message;
+      const message = typeof config.message === "function" ? await config.message(
+        request,
+        response
+      ) : config.message;
       if (!response.writableEnded) {
         response.send(message != null ? message : "Too many requests, please try again later.");
       }
     },
     onLimitReached(_request, _response, _optionsUsed) {
     },
+    // Allow the options object to be overriden by the options passed to the middleware.
     ...notUndefinedOptions,
+    // Note that this field is declared after the user's options are spread in,
+    // so that this field doesn't get overriden with an un-promisified store!
     store: promisifyStore((_c = notUndefinedOptions.store) != null ? _c : new MemoryStore())
   };
-  if (typeof config.store.increment !== "function" || typeof config.store.decrement !== "function" || typeof config.store.resetKey !== "function" || typeof config.store.resetAll !== "undefined" && typeof config.store.resetAll !== "function" || typeof config.store.init !== "undefined" && typeof config.store.init !== "function") {
-    throw new TypeError("An invalid store was passed. Please ensure that the store is a class that implements the `Store` interface.");
+  if (typeof config.store.increment !== "function" || typeof config.store.decrement !== "function" || typeof config.store.resetKey !== "function" || config.store.resetAll !== void 0 && typeof config.store.resetAll !== "function" || config.store.init !== void 0 && typeof config.store.init !== "function") {
+    throw new TypeError(
+      "An invalid store was passed. Please ensure that the store is a class that implements the `Store` interface."
+    );
   }
   return config;
 };
@@ -148,79 +227,92 @@ var rateLimit = (passedOptions) => {
   const options = parseOptions(passedOptions != null ? passedOptions : {});
   if (typeof options.store.init === "function")
     options.store.init(options);
-  const middleware = handleAsyncErrors(async (request, response, next) => {
-    const skip = await options.skip(request, response);
-    if (skip) {
-      next();
-      return;
-    }
-    const augmentedRequest = request;
-    const key = await options.keyGenerator(request, response);
-    const { totalHits, resetTime } = await options.store.increment(key);
-    const retrieveQuota = typeof options.max === "function" ? options.max(request, response) : options.max;
-    const maxHits = await retrieveQuota;
-    augmentedRequest[options.requestPropertyName] = {
-      limit: maxHits,
-      current: totalHits,
-      remaining: Math.max(maxHits - totalHits, 0),
-      resetTime
-    };
-    if (options.legacyHeaders && !response.headersSent) {
-      response.setHeader("X-RateLimit-Limit", maxHits);
-      response.setHeader("X-RateLimit-Remaining", augmentedRequest[options.requestPropertyName].remaining);
-      if (resetTime instanceof Date) {
-        response.setHeader("Date", new Date().toUTCString());
-        response.setHeader("X-RateLimit-Reset", Math.ceil(resetTime.getTime() / 1e3));
+  const middleware = handleAsyncErrors(
+    async (request, response, next) => {
+      const skip = await options.skip(request, response);
+      if (skip) {
+        next();
+        return;
       }
-    }
-    if (options.standardHeaders && !response.headersSent) {
-      response.setHeader("RateLimit-Limit", maxHits);
-      response.setHeader("RateLimit-Remaining", augmentedRequest[options.requestPropertyName].remaining);
-      if (resetTime) {
-        const deltaSeconds = Math.ceil((resetTime.getTime() - Date.now()) / 1e3);
-        response.setHeader("RateLimit-Reset", Math.max(0, deltaSeconds));
+      const augmentedRequest = request;
+      const key = await options.keyGenerator(request, response);
+      const { totalHits, resetTime } = await options.store.increment(key);
+      const retrieveQuota = typeof options.max === "function" ? options.max(request, response) : options.max;
+      const maxHits = await retrieveQuota;
+      augmentedRequest[options.requestPropertyName] = {
+        limit: maxHits,
+        current: totalHits,
+        remaining: Math.max(maxHits - totalHits, 0),
+        resetTime
+      };
+      if (options.legacyHeaders && !response.headersSent) {
+        response.setHeader("X-RateLimit-Limit", maxHits);
+        response.setHeader(
+          "X-RateLimit-Remaining",
+          augmentedRequest[options.requestPropertyName].remaining
+        );
+        if (resetTime instanceof Date) {
+          response.setHeader("Date", (/* @__PURE__ */ new Date()).toUTCString());
+          response.setHeader(
+            "X-RateLimit-Reset",
+            Math.ceil(resetTime.getTime() / 1e3)
+          );
+        }
       }
-    }
-    if (options.skipFailedRequests || options.skipSuccessfulRequests) {
-      let decremented = false;
-      const decrementKey = async () => {
-        if (!decremented) {
-          await options.store.decrement(key);
-          decremented = true;
+      if (options.standardHeaders && !response.headersSent) {
+        response.setHeader("RateLimit-Limit", maxHits);
+        response.setHeader(
+          "RateLimit-Remaining",
+          augmentedRequest[options.requestPropertyName].remaining
+        );
+        if (resetTime) {
+          const deltaSeconds = Math.ceil(
+            (resetTime.getTime() - Date.now()) / 1e3
+          );
+          response.setHeader("RateLimit-Reset", Math.max(0, deltaSeconds));
         }
-      };
-      if (options.skipFailedRequests) {
-        response.on("finish", async () => {
-          if (!options.requestWasSuccessful(request, response))
-            await decrementKey();
-        });
-        response.on("close", async () => {
-          if (!response.writableEnded)
-            await decrementKey();
-        });
-        response.on("error", async () => {
-          await decrementKey();
-        });
       }
-      if (options.skipSuccessfulRequests) {
-        response.on("finish", async () => {
-          if (options.requestWasSuccessful(request, response))
+      if (options.skipFailedRequests || options.skipSuccessfulRequests) {
+        let decremented = false;
+        const decrementKey = async () => {
+          if (!decremented) {
+            await options.store.decrement(key);
+            decremented = true;
+          }
+        };
+        if (options.skipFailedRequests) {
+          response.on("finish", async () => {
+            if (!options.requestWasSuccessful(request, response))
+              await decrementKey();
+          });
+          response.on("close", async () => {
+            if (!response.writableEnded)
+              await decrementKey();
+          });
+          response.on("error", async () => {
             await decrementKey();
-        });
+          });
+        }
+        if (options.skipSuccessfulRequests) {
+          response.on("finish", async () => {
+            if (options.requestWasSuccessful(request, response))
+              await decrementKey();
+          });
+        }
       }
-    }
-    if (maxHits && totalHits === maxHits + 1) {
-      options.onLimitReached(request, response, options);
-    }
-    if (maxHits && totalHits > maxHits) {
-      if ((options.legacyHeaders || options.standardHeaders) && !response.headersSent) {
-        response.setHeader("Retry-After", Math.ceil(options.windowMs / 1e3));
+      if (maxHits && totalHits === maxHits + 1) {
+        options.onLimitReached(request, response, options);
+      }
+      if (maxHits && totalHits > maxHits) {
+        if ((options.legacyHeaders || options.standardHeaders) && !response.headersSent) {
+          response.setHeader("Retry-After", Math.ceil(options.windowMs / 1e3));
+        }
+        options.handler(request, response, next, options);
+        return;
       }
-      options.handler(request, response, next, options);
-      return;
+      next();
     }
-    next();
-  });
+  );
   middleware.resetKey = options.store.resetKey.bind(options.store);
   return middleware;
 };