nestjs-advanced-rate-limiter 0.1.0

package/README.md

@@ -0,0 +1,347 @@
+# nestjs-advanced-rate-limiter
+
+Advanced rate limiter for [NestJS](https://nestjs.com). Drop-in replacement for [`@nestjs/throttler`](https://docs.nestjs.com/security/rate-limiting) with real algorithms: token bucket (GCRA), sliding window, and fixed window. In-memory or Redis.
+
+Built on [elysia-advanced-rate-limiter](https://github.com/mrtcmn/elysia-advanced-rate-limitter) core -- the same algorithms Stripe and Cloudflare run in production.
+
+## Why not `@nestjs/throttler`?
+
+| | `@nestjs/throttler` | `nestjs-advanced-rate-limiter` |
+|---|---|---|
+| Algorithms | TTL-based counter | Token bucket (GCRA), sliding window, fixed window |
+| Burst control | None | GCRA allows controlled bursts while enforcing steady rate |
+| Boundary accuracy | Resets at TTL expiry | Sliding window eliminates 2x burst at boundaries |
+| Storage efficiency | Stores timestamps | 21-64 bytes per key depending on algorithm |
+| Redis | Via separate adapter | Built-in `RedisStore` with circuit breaker (`ResilientStore`) |
+| Per-route override | Multiple throttler configs | `@Throttle()` decorator with any algorithm |
+| User tracking | Manual | Built-in JWT/session `userTracker` |
+| IP resolution | Basic | Cloudflare, nginx, proxy-depth-aware |
+
+## Install
+
+```bash
+npm install nestjs-advanced-rate-limiter
+```
+
+## Quick Start
+
+```typescript
+import { Module } from "@nestjs/common";
+import { APP_GUARD } from "@nestjs/core";
+import { ThrottlerModule, ThrottlerGuard } from "nestjs-advanced-rate-limiter";
+
+@Module({
+  imports: [
+    ThrottlerModule.forRoot({
+      algorithm: { algorithm: "token-bucket", capacity: 100, refillRate: 10 },
+    }),
+  ],
+  providers: [
+    {
+      provide: APP_GUARD,
+      useExisting: ThrottlerGuard,
+    },
+  ],
+})
+export class AppModule {}
+```
+
+Works out of the box. In-memory, token bucket, 100 capacity, 10 tokens/sec. Every route is protected.
+
+## Algorithms
+
+Three algorithms. All O(1) time and space per request.
+
+### Token Bucket (GCRA) -- Default
+
+Allows bursts up to `capacity` while enforcing a steady `refillRate` per second. Uses GCRA (Generic Cell Rate Algorithm) internally -- no refill loops, no locks, one number comparison.
+
+```typescript
+ThrottlerModule.forRoot({
+  algorithm: { algorithm: "token-bucket", capacity: 100, refillRate: 10 },
+})
+```
+
+```
+capacity = 5,  refillRate = 1/sec
+
+t=0ms   Req #1  ALLOWED  (5 tokens -> 4)
+t=0ms   Req #2  ALLOWED  (4 tokens -> 3)
+t=0ms   Req #3  ALLOWED  (3 tokens -> 2)
+t=0ms   Req #4  ALLOWED  (2 tokens -> 1)
+t=0ms   Req #5  ALLOWED  (1 tokens -> 0)
+t=0ms   Req #6  DENIED   retryAfter=1s
+t=1000  Req #7  ALLOWED  (1 token refilled)
+```
+
+Storage: **21 bytes per key**
+
+### Fixed Window
+
+Simplest option. Divides time into equal blocks, counts requests per block. Counter resets at each boundary.
+
+```typescript
+ThrottlerModule.forRoot({
+  algorithm: { algorithm: "fixed-window", limit: 100, windowMs: 60_000 },
+})
+```
+
+Storage: **39 bytes per key**
+
+> **Note:** Clients can send `limit` requests at the end of one window and `limit` at the start of the next, getting 2x the limit in a short span. If this matters, use sliding window.
+
+### Sliding Window
+
+Blends current and previous window counts to eliminate the boundary burst. Uses the two-counter approximation.
+
+```typescript
+ThrottlerModule.forRoot({
+  algorithm: { algorithm: "sliding-window", limit: 100, windowMs: 60_000 },
+})
+```
+
+Storage: **64 bytes per key**
+
+### Algorithm Comparison
+
+```
+               Fixed Window     Sliding Window    Token Bucket (GCRA)
+             +----------------+------------------+--------------------+
+ Time        |     O(1)       |      O(1)        |       O(1)         |
+ Space/key   |   39 bytes     |    64 bytes      |     21 bytes       |
+ Redis cmds  |   1 INCR       |  INCR + GET      |    1 EVAL (Lua)    |
+ Burst       | 2x at edges    |  Smoothed        |  Controlled        |
+ Precision   |   Exact        |  Approximate     |     Exact          |
+ Best for    |  Simplicity    |  Smooth limiting |  APIs / billing    |
+             +----------------+------------------+--------------------+
+```
+
+## Storage
+
+### In-Memory (default)
+
+No dependencies. Good for single-process deployments.
+
+```typescript
+import { MemoryStore } from "nestjs-advanced-rate-limiter";
+
+ThrottlerModule.forRoot({
+  store: new MemoryStore({ maxKeys: 100_000, cleanupIntervalMs: 60_000 }),
+})
+```
+
+### Redis
+
+For multi-instance deployments. Works with ioredis or any compatible client.
+
+```typescript
+import Redis from "ioredis";
+import { RedisStore } from "nestjs-advanced-rate-limiter";
+
+ThrottlerModule.forRoot({
+  store: new RedisStore(new Redis()),
+})
+```
+
+### Resilient Store
+
+Wraps any store with circuit breaker. If Redis goes down, your app keeps running.
+
+```typescript
+import { ResilientStore, RedisStore } from "nestjs-advanced-rate-limiter";
+
+ThrottlerModule.forRoot({
+  store: new ResilientStore(new RedisStore(redis), {
+    failMode: "open",     // allow traffic when store is down (default)
+    threshold: 5,         // open circuit after 5 consecutive failures
+    cooldownMs: 30_000,   // retry after 30s
+    onError: (err) => console.error(err),
+  }),
+})
+```
+
+## Decorators
+
+### `@Throttle()` -- Per-Route Override
+
+Override the default algorithm for specific routes or controllers.
+
+```typescript
+import { Controller, Post, Get } from "@nestjs/common";
+import { Throttle } from "nestjs-advanced-rate-limiter";
+
+@Controller("auth")
+export class AuthController {
+  @Throttle({ algorithm: "fixed-window", limit: 5, windowMs: 60_000 })
+  @Post("login")
+  login() {
+    // strict: 5 attempts per minute
+  }
+
+  @Get("profile")
+  profile() {
+    // uses the global default
+  }
+}
+```
+
+### `@SkipThrottle()` -- Skip Rate Limiting
+
+Disable rate limiting for specific routes or entire controllers.
+
+```typescript
+import { Controller, Get } from "@nestjs/common";
+import { SkipThrottle } from "nestjs-advanced-rate-limiter";
+
+@SkipThrottle()
+@Controller("health")
+export class HealthController {
+  @Get()
+  check() {
+    return "ok";
+  }
+}
+```
+
+## User Tracking
+
+Built-in JWT/session-based tracker. Identifies users from `Authorization: Bearer <token>` or session cookies. Falls back to IP.
+
+```typescript
+import { userTracker } from "nestjs-advanced-rate-limiter";
+
+ThrottlerModule.forRoot({
+  getTracker: userTracker(),
+})
+
+// Custom cookie name
+ThrottlerModule.forRoot({
+  getTracker: userTracker({ cookieName: "session" }),
+})
+
+// Custom JWT parser
+ThrottlerModule.forRoot({
+  getTracker: userTracker({
+    parseJwt: (token) => {
+      const payload = JSON.parse(atob(token.split(".")[1]));
+      return payload.sub;
+    },
+  }),
+})
+
+// Disable IP fallback
+ThrottlerModule.forRoot({
+  getTracker: userTracker({ fallbackToIp: false }),
+})
+```
+
+### IP Resolution
+
+The default tracker (and `userTracker` fallback) checks headers in this order:
+
+| Priority | Header | Set by |
+|---|---|---|
+| 1 | `cf-connecting-ip` | Cloudflare |
+| 2 | `x-real-ip` | nginx / load balancer |
+| 3 | `x-forwarded-for` (first IP) | Any proxy |
+| 4 | `req.ip` / `req.socket.remoteAddress` | Express / Fastify |
+
+Works with both Express and Fastify.
+
+## Async Configuration
+
+Use `forRootAsync` when you need to inject dependencies (e.g., `ConfigService`).
+
+```typescript
+import { ThrottlerModule } from "nestjs-advanced-rate-limiter";
+import { ConfigModule, ConfigService } from "@nestjs/config";
+
+@Module({
+  imports: [
+    ThrottlerModule.forRootAsync({
+      imports: [ConfigModule],
+      inject: [ConfigService],
+      useFactory: (config: ConfigService) => ({
+        algorithm: {
+          algorithm: "token-bucket",
+          capacity: config.get("RATE_LIMIT_CAPACITY", 100),
+          refillRate: config.get("RATE_LIMIT_REFILL", 10),
+        },
+      }),
+    }),
+  ],
+})
+export class AppModule {}
+```
+
+## All Options
+
+```typescript
+ThrottlerModule.forRoot({
+  // Algorithm (default: token-bucket, 100 capacity, 10/sec)
+  algorithm: { algorithm: "token-bucket", capacity: 100, refillRate: 10 },
+
+  // Storage backend (default: in-memory)
+  store: new MemoryStore(),
+
+  // Key prefix for storage (default: "rl:")
+  prefix: "rl:",
+
+  // Custom tracker function (default: IP-based)
+  getTracker: (req) => req.ip,
+
+  // Programmatic skip (default: none)
+  skipIf: (req) => req.url.includes("/health"),
+
+  // Ignore specific user agents (default: [])
+  ignoreUserAgents: [/googlebot/i, /bingbot/i],
+
+  // Custom error message or response factory (default: "Too Many Requests")
+  errorMessage: "Rate limit exceeded",
+  // or
+  errorMessage: (result) => ({
+    error: "rate_limited",
+    retryAfter: Math.ceil(result.retryAfterMs / 1000),
+  }),
+})
+```
+
+## Response Headers
+
+Every response includes rate limit headers:
+
+| Header | When | Example |
+|---|---|---|
+| `X-RateLimit-Limit` | Always | `100` |
+| `X-RateLimit-Remaining` | Always | `95` |
+| `X-RateLimit-Reset` | Always | `1712678460` (Unix timestamp) |
+| `Retry-After` | 429 only | `5` (seconds) |
+
+## Migrating from `@nestjs/throttler`
+
+```diff
+- import { ThrottlerModule, ThrottlerGuard } from "@nestjs/throttler";
++ import { ThrottlerModule, ThrottlerGuard } from "nestjs-advanced-rate-limiter";
+
+ @Module({
+   imports: [
+-    ThrottlerModule.forRoot({ ttl: 60000, limit: 10 }),
++    ThrottlerModule.forRoot({
++      algorithm: { algorithm: "fixed-window", limit: 10, windowMs: 60_000 },
++    }),
+   ],
+   providers: [{ provide: APP_GUARD, useExisting: ThrottlerGuard }],
+ })
+ export class AppModule {}
+```
+
+The `@SkipThrottle()` decorator works the same way. Replace `@Throttle()` with the new config-based syntax:
+
+```diff
+- @Throttle({ default: { limit: 5, ttl: 60000 } })
++ @Throttle({ algorithm: "fixed-window", limit: 5, windowMs: 60_000 })
+```
+
+## License
+
+MIT

package/dist/decorators/index.d.ts

@@ -0,0 +1,3 @@
+export { SkipThrottle } from "./skip-throttle.decorator";
+export { Throttle } from "./throttle.decorator";
+//# sourceMappingURL=index.d.ts.map

package/dist/decorators/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/decorators/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/decorators/index.js

@@ -0,0 +1,3 @@
+export { SkipThrottle } from "./skip-throttle.decorator";
+export { Throttle } from "./throttle.decorator";
+//# sourceMappingURL=index.js.map

package/dist/decorators/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/decorators/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/decorators/skip-throttle.decorator.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Skip rate limiting for a specific controller or route.
+ *
+ * @example
+ * ```ts
+ * @SkipThrottle()
+ * @Get("health")
+ * health() { return "ok"; }
+ * ```
+ */
+export declare const SkipThrottle: () => import("@nestjs/common").CustomDecorator<string>;
+//# sourceMappingURL=skip-throttle.decorator.d.ts.map

package/dist/decorators/skip-throttle.decorator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"skip-throttle.decorator.d.ts","sourceRoot":"","sources":["../../src/decorators/skip-throttle.decorator.ts"],"names":[],"mappings":"AAGA;;;;;;;;;GASG;AACH,eAAO,MAAM,YAAY,wDAA0C,CAAC"}

package/dist/decorators/skip-throttle.decorator.js

@@ -0,0 +1,14 @@
+import { SetMetadata } from "@nestjs/common";
+import { THROTTLER_SKIP } from "../throttler.constants";
+/**
+ * Skip rate limiting for a specific controller or route.
+ *
+ * @example
+ * ```ts
+ * @SkipThrottle()
+ * @Get("health")
+ * health() { return "ok"; }
+ * ```
+ */
+export const SkipThrottle = () => SetMetadata(THROTTLER_SKIP, true);
+//# sourceMappingURL=skip-throttle.decorator.js.map

package/dist/decorators/skip-throttle.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"skip-throttle.decorator.js","sourceRoot":"","sources":["../../src/decorators/skip-throttle.decorator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAExD;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC"}

package/dist/decorators/throttle.decorator.d.ts

@@ -0,0 +1,13 @@
+import type { AlgorithmConfig } from "elysia-advanced-rate-limiter";
+/**
+ * Override the default rate limit algorithm for a specific controller or route.
+ *
+ * @example
+ * ```ts
+ * @Throttle({ algorithm: "fixed-window", limit: 5, windowMs: 60_000 })
+ * @Post("login")
+ * login() { ... }
+ * ```
+ */
+export declare const Throttle: (config: AlgorithmConfig) => import("@nestjs/common").CustomDecorator<string>;
+//# sourceMappingURL=throttle.decorator.d.ts.map

package/dist/decorators/throttle.decorator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttle.decorator.d.ts","sourceRoot":"","sources":["../../src/decorators/throttle.decorator.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAGpE;;;;;;;;;GASG;AACH,eAAO,MAAM,QAAQ,GAAI,QAAQ,eAAe,qDACN,CAAC"}

package/dist/decorators/throttle.decorator.js

@@ -0,0 +1,14 @@
+import { SetMetadata } from "@nestjs/common";
+import { THROTTLER_ALGORITHM } from "../throttler.constants";
+/**
+ * Override the default rate limit algorithm for a specific controller or route.
+ *
+ * @example
+ * ```ts
+ * @Throttle({ algorithm: "fixed-window", limit: 5, windowMs: 60_000 })
+ * @Post("login")
+ * login() { ... }
+ * ```
+ */
+export const Throttle = (config) => SetMetadata(THROTTLER_ALGORITHM, config);
+//# sourceMappingURL=throttle.decorator.js.map

package/dist/decorators/throttle.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttle.decorator.js","sourceRoot":"","sources":["../../src/decorators/throttle.decorator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAE7D;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,MAAuB,EAAE,EAAE,CAClD,WAAW,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,10 @@
+export { SkipThrottle, Throttle } from "./decorators";
+export { ThrottlerGuard } from "./throttler.guard";
+export { ThrottlerModule } from "./throttler.module";
+export { userTracker } from "./trackers";
+export type { UserTrackerOptions } from "./trackers";
+export { THROTTLER_OPTIONS } from "./throttler.constants";
+export type { ThrottlerAsyncOptions, ThrottlerModuleOptions, ThrottlerOptionsFactory, } from "./throttler.interfaces";
+export type { AlgorithmConfig, RateLimitResult, RateLimitStore, TokenBucketConfig, SlidingWindowConfig, FixedWindowConfig, } from "elysia-advanced-rate-limiter";
+export { MemoryStore, RedisStore, ResilientStore, } from "elysia-advanced-rate-limiter";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AAGtD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAGnD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAGrD,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACzC,YAAY,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAGrD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAG1D,YAAY,EACV,qBAAqB,EACrB,sBAAsB,EACtB,uBAAuB,GACxB,MAAM,wBAAwB,CAAC;AAGhC,YAAY,EACV,eAAe,EACf,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,GAClB,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EACL,WAAW,EACX,UAAU,EACV,cAAc,GACf,MAAM,8BAA8B,CAAC"}

package/dist/index.js

@@ -0,0 +1,12 @@
+// Decorators
+export { SkipThrottle, Throttle } from "./decorators";
+// Guard
+export { ThrottlerGuard } from "./throttler.guard";
+// Module
+export { ThrottlerModule } from "./throttler.module";
+// Trackers
+export { userTracker } from "./trackers";
+// Constants
+export { THROTTLER_OPTIONS } from "./throttler.constants";
+export { MemoryStore, RedisStore, ResilientStore, } from "elysia-advanced-rate-limiter";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,aAAa;AACb,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AAEtD,QAAQ;AACR,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAEnD,SAAS;AACT,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAErD,WAAW;AACX,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAGzC,YAAY;AACZ,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAmB1D,OAAO,EACL,WAAW,EACX,UAAU,EACV,cAAc,GACf,MAAM,8BAA8B,CAAC"}

package/dist/throttler.constants.d.ts

@@ -0,0 +1,4 @@
+export declare const THROTTLER_OPTIONS = "THROTTLER_OPTIONS";
+export declare const THROTTLER_ALGORITHM = "THROTTLER:algorithm";
+export declare const THROTTLER_SKIP = "THROTTLER:skip";
+//# sourceMappingURL=throttler.constants.d.ts.map

package/dist/throttler.constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttler.constants.d.ts","sourceRoot":"","sources":["../src/throttler.constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,iBAAiB,sBAAsB,CAAC;AACrD,eAAO,MAAM,mBAAmB,wBAAwB,CAAC;AACzD,eAAO,MAAM,cAAc,mBAAmB,CAAC"}

package/dist/throttler.constants.js

@@ -0,0 +1,4 @@
+export const THROTTLER_OPTIONS = "THROTTLER_OPTIONS";
+export const THROTTLER_ALGORITHM = "THROTTLER:algorithm";
+export const THROTTLER_SKIP = "THROTTLER:skip";
+//# sourceMappingURL=throttler.constants.js.map

package/dist/throttler.constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttler.constants.js","sourceRoot":"","sources":["../src/throttler.constants.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,iBAAiB,GAAG,mBAAmB,CAAC;AACrD,MAAM,CAAC,MAAM,mBAAmB,GAAG,qBAAqB,CAAC;AACzD,MAAM,CAAC,MAAM,cAAc,GAAG,gBAAgB,CAAC"}

package/dist/throttler.guard.d.ts

@@ -0,0 +1,18 @@
+import { CanActivate, ExecutionContext } from "@nestjs/common";
+import { Reflector } from "@nestjs/core";
+import type { ThrottlerModuleOptions } from "./throttler.interfaces";
+export declare class ThrottlerGuard implements CanActivate {
+    private readonly options;
+    private readonly reflector;
+    private readonly store;
+    private readonly defaultAlgorithm;
+    private readonly prefix;
+    private readonly skipIf?;
+    private readonly getTracker;
+    private readonly ignoreUserAgents;
+    private readonly errorMessage;
+    constructor(options: ThrottlerModuleOptions, reflector: Reflector);
+    canActivate(context: ExecutionContext): Promise<boolean>;
+    private defaultGetTracker;
+}
+//# sourceMappingURL=throttler.guard.d.ts.map

package/dist/throttler.guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttler.guard.d.ts","sourceRoot":"","sources":["../src/throttler.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,WAAW,EACX,gBAAgB,EAKjB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAQzC,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAkBrE,qBACa,cAAe,YAAW,WAAW;IAYnB,OAAO,CAAC,QAAQ,CAAC,OAAO;IACnD,OAAO,CAAC,QAAQ,CAAC,SAAS;IAZ5B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAiB;IACvC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAkB;IACnD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAwB;IAChD,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAuB;IAClD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAW;IAC5C,OAAO,CAAC,QAAQ,CAAC,YAAY,CAEsB;gBAGL,OAAO,EAAE,sBAAsB,EAC1D,SAAS,EAAE,SAAS;IAejC,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;IAiE9D,OAAO,CAAC,iBAAiB;CAe1B"}

package/dist/throttler.guard.js

@@ -0,0 +1,118 @@
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+import { HttpException, HttpStatus, Inject, Injectable, } from "@nestjs/common";
+import { Reflector } from "@nestjs/core";
+import { MemoryStore } from "elysia-advanced-rate-limiter";
+import { THROTTLER_ALGORITHM, THROTTLER_OPTIONS, THROTTLER_SKIP } from "./throttler.constants";
+const MAX_RETRY_MS = 2_147_483_647;
+function sanitize(val) {
+    return Number.isFinite(val) ? val : MAX_RETRY_MS;
+}
+function computeTtlMs(config) {
+    switch (config.algorithm) {
+        case "token-bucket":
+            return Math.ceil((config.capacity / config.refillRate) * 1000) + 60_000;
+        case "sliding-window":
+        case "fixed-window":
+            return config.windowMs + 60_000;
+    }
+}
+let ThrottlerGuard = class ThrottlerGuard {
+    options;
+    reflector;
+    store;
+    defaultAlgorithm;
+    prefix;
+    skipIf;
+    getTracker;
+    ignoreUserAgents;
+    errorMessage;
+    constructor(options, reflector) {
+        this.options = options;
+        this.reflector = reflector;
+        this.defaultAlgorithm = options.algorithm ?? {
+            algorithm: "token-bucket",
+            capacity: 100,
+            refillRate: 10,
+        };
+        this.store = options.store ?? new MemoryStore({ maxKeys: 100_000 });
+        this.prefix = options.prefix ?? "rl:";
+        this.skipIf = options.skipIf;
+        this.getTracker = options.getTracker ?? this.defaultGetTracker;
+        this.ignoreUserAgents = options.ignoreUserAgents ?? [];
+        this.errorMessage = options.errorMessage ?? "Too Many Requests";
+    }
+    async canActivate(context) {
+        const skipClass = this.reflector.get(THROTTLER_SKIP, context.getClass());
+        if (skipClass)
+            return true;
+        const skipHandler = this.reflector.get(THROTTLER_SKIP, context.getHandler());
+        if (skipHandler)
+            return true;
+        const req = context.switchToHttp().getRequest();
+        const res = context.switchToHttp().getResponse();
+        if (this.skipIf?.(req))
+            return true;
+        const userAgent = req.headers?.["user-agent"] ?? "";
+        if (this.ignoreUserAgents.some((regex) => regex.test(userAgent))) {
+            return true;
+        }
+        const algorithmConfig = this.reflector.getAllAndOverride(THROTTLER_ALGORITHM, [
+            context.getHandler(),
+            context.getClass(),
+        ]) ?? this.defaultAlgorithm;
+        const tracker = this.getTracker(req);
+        const storeKey = `${this.prefix}${tracker}`;
+        const ttlMs = computeTtlMs(algorithmConfig);
+        const nowMs = Date.now();
+        const result = await this.store.check(storeKey, algorithmConfig, nowMs, ttlMs);
+        const remaining = sanitize(result.remaining);
+        const resetMs = sanitize(result.resetMs);
+        const resetTimestamp = String(Math.ceil((nowMs + resetMs) / 1000));
+        res.header("X-RateLimit-Limit", String(result.limit));
+        res.header("X-RateLimit-Remaining", String(remaining));
+        res.header("X-RateLimit-Reset", resetTimestamp);
+        if (!result.allowed) {
+            const retryAfterMs = sanitize(result.retryAfterMs);
+            const retryAfter = String(Math.ceil(retryAfterMs / 1000));
+            res.header("Retry-After", retryAfter);
+            const body = typeof this.errorMessage === "function"
+                ? this.errorMessage(result)
+                : { statusCode: 429, message: this.errorMessage };
+            throw new HttpException(body, HttpStatus.TOO_MANY_REQUESTS);
+        }
+        return true;
+    }
+    defaultGetTracker(req) {
+        const cfIp = req.headers?.["cf-connecting-ip"];
+        if (cfIp)
+            return cfIp;
+        const realIp = req.headers?.["x-real-ip"];
+        if (realIp)
+            return realIp;
+        const xff = req.headers?.["x-forwarded-for"];
+        if (xff) {
+            const first = typeof xff === "string" ? xff.split(",")[0]?.trim() : xff[0];
+            if (first)
+                return first;
+        }
+        return req.ip ?? req.socket?.remoteAddress ?? "anonymous";
+    }
+};
+ThrottlerGuard = __decorate([
+    Injectable(),
+    __param(0, Inject(THROTTLER_OPTIONS)),
+    __metadata("design:paramtypes", [Object, Reflector])
+], ThrottlerGuard);
+export { ThrottlerGuard };
+//# sourceMappingURL=throttler.guard.js.map

package/dist/throttler.guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttler.guard.js","sourceRoot":"","sources":["../src/throttler.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAGL,aAAa,EACb,UAAU,EACV,MAAM,EACN,UAAU,GACX,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAM3D,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAG/F,MAAM,YAAY,GAAG,aAAa,CAAC;AAEnC,SAAS,QAAQ,CAAC,GAAW;IAC3B,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC;AACnD,CAAC;AAED,SAAS,YAAY,CAAC,MAAuB;IAC3C,QAAQ,MAAM,CAAC,SAAS,EAAE,CAAC;QACzB,KAAK,cAAc;YACjB,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,GAAG,MAAM,CAAC;QAC1E,KAAK,gBAAgB,CAAC;QACtB,KAAK,cAAc;YACjB,OAAO,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC;IACpC,CAAC;AACH,CAAC;AAGM,IAAM,cAAc,GAApB,MAAM,cAAc;IAYqB;IAC3B;IAZF,KAAK,CAAiB;IACtB,gBAAgB,CAAkB;IAClC,MAAM,CAAS;IACf,MAAM,CAAyB;IAC/B,UAAU,CAAuB;IACjC,gBAAgB,CAAW;IAC3B,YAAY,CAEsB;IAEnD,YAC8C,OAA+B,EAC1D,SAAoB;QADO,YAAO,GAAP,OAAO,CAAwB;QAC1D,cAAS,GAAT,SAAS,CAAW;QAErC,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC,SAAS,IAAI;YAC3C,SAAS,EAAE,cAAc;YACzB,QAAQ,EAAE,GAAG;YACb,UAAU,EAAE,EAAE;SACf,CAAC;QACF,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,IAAI,WAAW,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,KAAK,CAAC;QACtC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,IAAI,CAAC,iBAAiB,CAAC;QAC/D,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,EAAE,CAAC;QACvD,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,mBAAmB,CAAC;IAClE,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAClC,cAAc,EACd,OAAO,CAAC,QAAQ,EAAE,CACnB,CAAC;QACF,IAAI,SAAS;YAAE,OAAO,IAAI,CAAC;QAE3B,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CACpC,cAAc,EACd,OAAO,CAAC,UAAU,EAAE,CACrB,CAAC;QACF,IAAI,WAAW;YAAE,OAAO,IAAI,CAAC;QAE7B,MAAM,GAAG,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAChD,MAAM,GAAG,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,WAAW,EAAE,CAAC;QAEjD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QAEpC,MAAM,SAAS,GAAW,GAAG,CAAC,OAAO,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;QAC5D,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YACjE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,eAAe,GACnB,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAkB,mBAAmB,EAAE;YACrE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,IAAI,IAAI,CAAC,gBAAgB,CAAC;QAE9B,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,CAAC;QAC5C,MAAM,KAAK,GAAG,YAAY,CAAC,eAAe,CAAC,CAAC;QAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEzB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CACnC,QAAQ,EACR,eAAe,EACf,KAAK,EACL,KAAK,CACN,CAAC;QAEF,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACzC,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;QAEnE,GAAG,CAAC,MAAM,CAAC,mBAAmB,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACtD,GAAG,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC;QACvD,GAAG,CAAC,MAAM,CAAC,mBAAmB,EAAE,cAAc,CAAC,CAAC;QAEhD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,YAAY,GAAG,QAAQ,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YACnD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC;YAC1D,GAAG,CAAC,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAEtC,MAAM,IAAI,GACR,OAAO,IAAI,CAAC,YAAY,KAAK,UAAU;gBACrC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC;gBAC3B,CAAC,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC;YAEtD,MAAM,IAAI,aAAa,CAAC,IAAI,EAAE,UAAU,CAAC,iBAAiB,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,iBAAiB,CAAC,GAAQ;QAChC,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,kBAAkB,CAAC,CAAC;QAC/C,IAAI,IAAI;YAAE,OAAO,IAAI,CAAC;QAEtB,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,WAAW,CAAC,CAAC;QAC1C,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,iBAAiB,CAAC,CAAC;QAC7C,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,KAAK,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC3E,IAAI,KAAK;gBAAE,OAAO,KAAK,CAAC;QAC1B,CAAC;QAED,OAAO,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,EAAE,aAAa,IAAI,WAAW,CAAC;IAC5D,CAAC;CACF,CAAA;AA5GY,cAAc;IAD1B,UAAU,EAAE;IAaR,WAAA,MAAM,CAAC,iBAAiB,CAAC,CAAA;6CACE,SAAS;GAb5B,cAAc,CA4G1B"}

package/dist/throttler.interfaces.d.ts

@@ -0,0 +1,21 @@
+import type { ModuleMetadata, Type } from "@nestjs/common";
+import type { AlgorithmConfig, RateLimitResult, RateLimitStore } from "elysia-advanced-rate-limiter";
+export interface ThrottlerModuleOptions {
+    algorithm?: AlgorithmConfig;
+    store?: RateLimitStore;
+    prefix?: string;
+    errorMessage?: string | ((result: RateLimitResult) => string | object);
+    skipIf?: (request: any) => boolean;
+    getTracker?: (request: any) => string;
+    ignoreUserAgents?: RegExp[];
+}
+export interface ThrottlerOptionsFactory {
+    createThrottlerOptions(): ThrottlerModuleOptions | Promise<ThrottlerModuleOptions>;
+}
+export interface ThrottlerAsyncOptions extends Pick<ModuleMetadata, "imports"> {
+    useExisting?: Type<ThrottlerOptionsFactory>;
+    useClass?: Type<ThrottlerOptionsFactory>;
+    useFactory?: (...args: any[]) => ThrottlerModuleOptions | Promise<ThrottlerModuleOptions>;
+    inject?: any[];
+}
+//# sourceMappingURL=throttler.interfaces.d.ts.map

package/dist/throttler.interfaces.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttler.interfaces.d.ts","sourceRoot":"","sources":["../src/throttler.interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,KAAK,EACV,eAAe,EACf,eAAe,EACf,cAAc,EACf,MAAM,8BAA8B,CAAC;AAEtC,MAAM,WAAW,sBAAsB;IACrC,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,KAAK,CAAC,EAAE,cAAc,CAAC;IACvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,GAAG,CAAC,CAAC,MAAM,EAAE,eAAe,KAAK,MAAM,GAAG,MAAM,CAAC,CAAC;IACvE,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,KAAK,OAAO,CAAC;IACnC,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,KAAK,MAAM,CAAC;IACtC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC7B;AAED,MAAM,WAAW,uBAAuB;IACtC,sBAAsB,IAClB,sBAAsB,GACtB,OAAO,CAAC,sBAAsB,CAAC,CAAC;CACrC;AAED,MAAM,WAAW,qBAAsB,SAAQ,IAAI,CAAC,cAAc,EAAE,SAAS,CAAC;IAC5E,WAAW,CAAC,EAAE,IAAI,CAAC,uBAAuB,CAAC,CAAC;IAC5C,QAAQ,CAAC,EAAE,IAAI,CAAC,uBAAuB,CAAC,CAAC;IACzC,UAAU,CAAC,EAAE,CACX,GAAG,IAAI,EAAE,GAAG,EAAE,KACX,sBAAsB,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAC9D,MAAM,CAAC,EAAE,GAAG,EAAE,CAAC;CAChB"}

package/dist/throttler.interfaces.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=throttler.interfaces.js.map

package/dist/throttler.interfaces.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttler.interfaces.js","sourceRoot":"","sources":["../src/throttler.interfaces.ts"],"names":[],"mappings":""}

package/dist/throttler.module.d.ts

@@ -0,0 +1,9 @@
+import { DynamicModule } from "@nestjs/common";
+import type { ThrottlerAsyncOptions, ThrottlerModuleOptions } from "./throttler.interfaces";
+export declare class ThrottlerModule {
+    static forRoot(options?: ThrottlerModuleOptions): DynamicModule;
+    static forRootAsync(options: ThrottlerAsyncOptions): DynamicModule;
+    private static createAsyncProviders;
+    private static createAsyncOptionsProvider;
+}
+//# sourceMappingURL=throttler.module.d.ts.map

package/dist/throttler.module.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttler.module.d.ts","sourceRoot":"","sources":["../src/throttler.module.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAoB,MAAM,gBAAgB,CAAC;AAGjE,OAAO,KAAK,EACV,qBAAqB,EACrB,sBAAsB,EAEvB,MAAM,wBAAwB,CAAC;AAEhC,qBACa,eAAe;IAC1B,MAAM,CAAC,OAAO,CAAC,OAAO,GAAE,sBAA2B,GAAG,aAAa;IAYnE,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,qBAAqB,GAAG,aAAa;IAWlE,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAiBnC,OAAO,CAAC,MAAM,CAAC,0BAA0B;CAmB1C"}

package/dist/throttler.module.js

@@ -0,0 +1,65 @@
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var ThrottlerModule_1;
+import { Module } from "@nestjs/common";
+import { THROTTLER_OPTIONS } from "./throttler.constants";
+import { ThrottlerGuard } from "./throttler.guard";
+let ThrottlerModule = ThrottlerModule_1 = class ThrottlerModule {
+    static forRoot(options = {}) {
+        return {
+            module: ThrottlerModule_1,
+            global: true,
+            providers: [
+                { provide: THROTTLER_OPTIONS, useValue: options },
+                ThrottlerGuard,
+            ],
+            exports: [THROTTLER_OPTIONS, ThrottlerGuard],
+        };
+    }
+    static forRootAsync(options) {
+        const providers = this.createAsyncProviders(options);
+        return {
+            module: ThrottlerModule_1,
+            global: true,
+            imports: options.imports ?? [],
+            providers: [...providers, ThrottlerGuard],
+            exports: [THROTTLER_OPTIONS, ThrottlerGuard],
+        };
+    }
+    static createAsyncProviders(options) {
+        if (options.useExisting || options.useFactory) {
+            return [this.createAsyncOptionsProvider(options)];
+        }
+        if (options.useClass) {
+            return [
+                this.createAsyncOptionsProvider(options),
+                { provide: options.useClass, useClass: options.useClass },
+            ];
+        }
+        return [{ provide: THROTTLER_OPTIONS, useValue: {} }];
+    }
+    static createAsyncOptionsProvider(options) {
+        if (options.useFactory) {
+            return {
+                provide: THROTTLER_OPTIONS,
+                useFactory: options.useFactory,
+                inject: options.inject ?? [],
+            };
+        }
+        const inject = options.useExisting ?? options.useClass;
+        return {
+            provide: THROTTLER_OPTIONS,
+            useFactory: (factory) => factory.createThrottlerOptions(),
+            inject: inject ? [inject] : [],
+        };
+    }
+};
+ThrottlerModule = ThrottlerModule_1 = __decorate([
+    Module({})
+], ThrottlerModule);
+export { ThrottlerModule };
+//# sourceMappingURL=throttler.module.js.map

package/dist/throttler.module.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"throttler.module.js","sourceRoot":"","sources":["../src/throttler.module.ts"],"names":[],"mappings":";;;;;;;AAAA,OAAO,EAAiB,MAAM,EAAY,MAAM,gBAAgB,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAQ5C,IAAM,eAAe,uBAArB,MAAM,eAAe;IAC1B,MAAM,CAAC,OAAO,CAAC,UAAkC,EAAE;QACjD,OAAO;YACL,MAAM,EAAE,iBAAe;YACvB,MAAM,EAAE,IAAI;YACZ,SAAS,EAAE;gBACT,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,OAAO,EAAE;gBACjD,cAAc;aACf;YACD,OAAO,EAAE,CAAC,iBAAiB,EAAE,cAAc,CAAC;SAC7C,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,YAAY,CAAC,OAA8B;QAChD,MAAM,SAAS,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QACrD,OAAO;YACL,MAAM,EAAE,iBAAe;YACvB,MAAM,EAAE,IAAI;YACZ,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE;YAC9B,SAAS,EAAE,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;YACzC,OAAO,EAAE,CAAC,iBAAiB,EAAE,cAAc,CAAC;SAC7C,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,oBAAoB,CACjC,OAA8B;QAE9B,IAAI,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YAC9C,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC,CAAC;QACpD,CAAC;QAED,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,OAAO;gBACL,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC;gBACxC,EAAE,OAAO,EAAE,OAAO,CAAC,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE;aAC1D,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;IACxD,CAAC;IAEO,MAAM,CAAC,0BAA0B,CACvC,OAA8B;QAE9B,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO;gBACL,OAAO,EAAE,iBAAiB;gBAC1B,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;aAC7B,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,QAAQ,CAAC;QACvD,OAAO;YACL,OAAO,EAAE,iBAAiB;YAC1B,UAAU,EAAE,CAAC,OAAgC,EAAE,EAAE,CAC/C,OAAO,CAAC,sBAAsB,EAAE;YAClC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;SAC/B,CAAC;IACJ,CAAC;CACF,CAAA;AA5DY,eAAe;IAD3B,MAAM,CAAC,EAAE,CAAC;GACE,eAAe,CA4D3B"}

package/dist/trackers.d.ts

@@ -0,0 +1,32 @@
+export interface UserTrackerOptions {
+    /**
+     * Cookie name to look for a JWT session token.
+     * @default "better-auth.session_token"
+     */
+    cookieName?: string;
+    /**
+     * Custom JWT parser. Receives the raw token, returns a user ID or null.
+     * Default: decodes JWT payload and extracts sub/userId/id.
+     */
+    parseJwt?: (token: string) => string | null;
+    /**
+     * Fall back to IP-based tracking when no user identity is found.
+     * @default true
+     */
+    fallbackToIp?: boolean;
+}
+/**
+ * NestJS-compatible tracker that identifies users from JWT/session,
+ * with optional IP fallback.
+ *
+ * Works with Express and Fastify request objects.
+ *
+ * @example
+ * ```ts
+ * ThrottlerModule.forRoot({
+ *   getTracker: userTracker({ cookieName: "session", fallbackToIp: true }),
+ * })
+ * ```
+ */
+export declare function userTracker(options?: UserTrackerOptions): (req: any) => string;
+//# sourceMappingURL=trackers.d.ts.map

package/dist/trackers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"trackers.d.ts","sourceRoot":"","sources":["../src/trackers.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;;OAGG;IACH,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAE5C;;;OAGG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AA6BD;;;;;;;;;;;;GAYG;AACH,wBAAgB,WAAW,CAAC,OAAO,GAAE,kBAAuB,GAAG,CAAC,GAAG,EAAE,GAAG,KAAK,MAAM,CA6ClF"}

package/dist/trackers.js

@@ -0,0 +1,84 @@
+function defaultParseJwt(token) {
+    try {
+        const parts = token.split(".");
+        if (parts.length !== 3)
+            return null;
+        const payload = JSON.parse(atob(parts[1]));
+        return (payload.sub ?? payload.userId ?? payload.id);
+    }
+    catch {
+        return null;
+    }
+}
+function extractIp(req) {
+    const cfIp = req.headers?.["cf-connecting-ip"];
+    if (cfIp)
+        return cfIp;
+    const realIp = req.headers?.["x-real-ip"];
+    if (realIp)
+        return realIp;
+    const xff = req.headers?.["x-forwarded-for"];
+    if (xff) {
+        const first = typeof xff === "string" ? xff.split(",")[0]?.trim() : xff[0];
+        if (first)
+            return first;
+    }
+    return req.ip ?? req.socket?.remoteAddress ?? "anonymous";
+}
+/**
+ * NestJS-compatible tracker that identifies users from JWT/session,
+ * with optional IP fallback.
+ *
+ * Works with Express and Fastify request objects.
+ *
+ * @example
+ * ```ts
+ * ThrottlerModule.forRoot({
+ *   getTracker: userTracker({ cookieName: "session", fallbackToIp: true }),
+ * })
+ * ```
+ */
+export function userTracker(options = {}) {
+    const cookieName = options.cookieName ?? "better-auth.session_token";
+    const parseJwt = options.parseJwt ?? defaultParseJwt;
+    const fallbackToIp = options.fallbackToIp ?? true;
+    return (req) => {
+        // Try Authorization header
+        const auth = req.headers?.["authorization"];
+        if (auth?.startsWith("Bearer ")) {
+            const userId = parseJwt(auth.slice(7));
+            if (userId)
+                return `user:${userId}`;
+        }
+        // Try cookie
+        const cookieHeader = typeof req.cookies === "object"
+            ? req.cookies?.[cookieName]
+            : req.headers?.["cookie"];
+        if (cookieHeader) {
+            let token;
+            if (typeof req.cookies === "object") {
+                // Express with cookie-parser / Fastify cookie
+                token = req.cookies[cookieName];
+            }
+            else {
+                // Raw cookie header
+                const match = cookieHeader
+                    .split(";")
+                    .map((c) => c.trim())
+                    .find((c) => c.startsWith(`${cookieName}=`));
+                if (match) {
+                    token = match.split("=").slice(1).join("=");
+                }
+            }
+            if (token) {
+                const userId = parseJwt(token);
+                if (userId)
+                    return `user:${userId}`;
+            }
+        }
+        if (fallbackToIp)
+            return extractIp(req);
+        return "anonymous";
+    };
+}
+//# sourceMappingURL=trackers.js.map

package/dist/trackers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"trackers.js","sourceRoot":"","sources":["../src/trackers.ts"],"names":[],"mappings":"AAoBA,SAAS,eAAe,CAAC,KAAa;IACpC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACpC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC;QAC5C,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,EAAE,CAAkB,CAAC;IACxE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,GAAQ;IACzB,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,kBAAkB,CAAC,CAAC;IAC/C,IAAI,IAAI;QAAE,OAAO,IAAI,CAAC;IAEtB,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,WAAW,CAAC,CAAC;IAC1C,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,iBAAiB,CAAC,CAAC;IAC7C,IAAI,GAAG,EAAE,CAAC;QACR,MAAM,KAAK,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC3E,IAAI,KAAK;YAAE,OAAO,KAAK,CAAC;IAC1B,CAAC;IAED,OAAO,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,EAAE,aAAa,IAAI,WAAW,CAAC;AAC5D,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,WAAW,CAAC,UAA8B,EAAE;IAC1D,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,2BAA2B,CAAC;IACrE,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAC;IACrD,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,IAAI,CAAC;IAElD,OAAO,CAAC,GAAQ,EAAU,EAAE;QAC1B,2BAA2B;QAC3B,MAAM,IAAI,GAAuB,GAAG,CAAC,OAAO,EAAE,CAAC,eAAe,CAAC,CAAC;QAChE,IAAI,IAAI,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAChC,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YACvC,IAAI,MAAM;gBAAE,OAAO,QAAQ,MAAM,EAAE,CAAC;QACtC,CAAC;QAED,aAAa;QACb,MAAM,YAAY,GAChB,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ;YAC7B,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,UAAU,CAAC;YAC3B,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC,CAAC;QAE9B,IAAI,YAAY,EAAE,CAAC;YACjB,IAAI,KAAyB,CAAC;YAE9B,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;gBACpC,8CAA8C;gBAC9C,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YAClC,CAAC;iBAAM,CAAC;gBACN,oBAAoB;gBACpB,MAAM,KAAK,GAAG,YAAY;qBACvB,KAAK,CAAC,GAAG,CAAC;qBACV,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;qBAC5B,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,UAAU,GAAG,CAAC,CAAC,CAAC;gBACvD,IAAI,KAAK,EAAE,CAAC;oBACV,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC;YAED,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;gBAC/B,IAAI,MAAM;oBAAE,OAAO,QAAQ,MAAM,EAAE,CAAC;YACtC,CAAC;QACH,CAAC;QAED,IAAI,YAAY;YAAE,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC;QACxC,OAAO,WAAW,CAAC;IACrB,CAAC,CAAC;AACJ,CAAC"}

package/package.json

@@ -0,0 +1,78 @@
+{
+  "name": "nestjs-advanced-rate-limiter",
+  "version": "0.1.0",
+  "type": "module",
+  "description": "Advanced rate limiter for NestJS. Token bucket (GCRA), sliding window, fixed window. In-memory or Redis. Drop-in replacement for @nestjs/throttler.",
+  "author": "mrtcmn",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/mrtcmn/nestjs-advanced-rate-limitter.git"
+  },
+  "bugs": {
+    "url": "https://github.com/mrtcmn/nestjs-advanced-rate-limitter/issues"
+  },
+  "homepage": "https://github.com/mrtcmn/nestjs-advanced-rate-limitter#readme",
+  "keywords": [
+    "nestjs",
+    "rate-limiter",
+    "rate-limiting",
+    "throttler",
+    "token-bucket",
+    "gcra",
+    "sliding-window",
+    "fixed-window",
+    "redis",
+    "guard",
+    "decorator",
+    "middleware"
+  ],
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "rm -rf dist && tsc --project tsconfig.build.json",
+    "typecheck": "tsc --noEmit",
+    "test": "NODE_OPTIONS='--experimental-vm-modules' jest",
+    "test:watch": "jest --watch",
+    "prepublishOnly": "npm run build"
+  },
+  "dependencies": {
+    "elysia-advanced-rate-limiter": "^0.4.0"
+  },
+  "peerDependencies": {
+    "@nestjs/common": ">=10.0.0",
+    "@nestjs/core": ">=10.0.0",
+    "reflect-metadata": ">=0.1.0"
+  },
+  "peerDependenciesMeta": {
+    "reflect-metadata": {
+      "optional": false
+    }
+  },
+  "devDependencies": {
+    "@nestjs/common": "^10.0.0",
+    "@nestjs/core": "^10.0.0",
+    "@nestjs/platform-express": "^11.1.18",
+    "@nestjs/testing": "^11.1.18",
+    "@types/express": "^5.0.6",
+    "@types/jest": "^30.0.0",
+    "@types/supertest": "^7.2.0",
+    "jest": "^30.3.0",
+    "reflect-metadata": "^0.2.2",
+    "rxjs": "^7.8.1",
+    "supertest": "^7.2.2",
+    "ts-jest": "^29.4.9",
+    "typescript": "^5.8.3"
+  }
+}