ratelimit-flex 1.0.0

package/dist/cjs/strategies/rate-limit-engine.js

@@ -0,0 +1,128 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RateLimitEngine = void 0;
+exports.defaultKeyGenerator = defaultKeyGenerator;
+exports.createRateLimiter = createRateLimiter;
+const memory_store_js_1 = require("../stores/memory-store.js");
+const index_js_1 = require("../types/index.js");
+/**
+ * Default key extractor: uses `req.ip`, then `socket.remoteAddress`, else `"unknown"`.
+ * Strings are returned as-is so you can pass a precomputed key.
+ */
+function defaultKeyGenerator(req) {
+    if (typeof req === 'string') {
+        return req;
+    }
+    if (req !== null && typeof req === 'object') {
+        const r = req;
+        if (typeof r.ip === 'string' && r.ip.length > 0) {
+            return r.ip;
+        }
+        const socket = r.socket;
+        if (socket !== null && typeof socket === 'object' && 'remoteAddress' in socket) {
+            const addr = socket.remoteAddress;
+            if (typeof addr === 'string' && addr.length > 0) {
+                return addr;
+            }
+        }
+    }
+    return 'unknown';
+}
+function createDefaultMemoryStore(options) {
+    if (options.strategy === index_js_1.RateLimitStrategy.TOKEN_BUCKET) {
+        return new memory_store_js_1.MemoryStore({
+            strategy: index_js_1.RateLimitStrategy.TOKEN_BUCKET,
+            tokensPerInterval: options.tokensPerInterval,
+            interval: options.interval,
+            bucketSize: options.bucketSize,
+        });
+    }
+    return new memory_store_js_1.MemoryStore({
+        strategy: options.strategy ?? index_js_1.RateLimitStrategy.SLIDING_WINDOW,
+        windowMs: options.windowMs ?? 60000,
+        maxRequests: options.maxRequests ?? 100,
+    });
+}
+function resolveOptions(input) {
+    const store = input.store ?? createDefaultMemoryStore(input);
+    return { ...input, store };
+}
+/**
+ * Build a {@link RateLimitEngine} with optional in-memory store when `store` is omitted.
+ */
+function createRateLimiter(options) {
+    return new RateLimitEngine(resolveOptions(options));
+}
+/**
+ * Orchestrates key extraction, store increments, header generation, and limit callbacks.
+ */
+class RateLimitEngine {
+    constructor(options) {
+        this.options = options;
+    }
+    /**
+     * Applies rate limiting for an incoming request-like value.
+     * Uses {@link RateLimitOptionsBase.keyGenerator} (or {@link defaultKeyGenerator}) to derive the storage key.
+     */
+    async consume(req) {
+        const key = (this.options.keyGenerator ?? defaultKeyGenerator)(req);
+        return this.consumeWithKey(key, req);
+    }
+    /**
+     * Rate limit using a precomputed storage key (skips `keyGenerator`).
+     * Pass the same `req` for `onLimitReached` / `skip` callbacks when applicable.
+     */
+    async consumeWithKey(key, req = key) {
+        if (this.options.skip?.(req) === true) {
+            return this.buildPassthroughResult();
+        }
+        const result = await this.options.store.increment(key);
+        const headers = this.buildHeaders(result);
+        if (result.isBlocked && this.options.onLimitReached) {
+            await Promise.resolve(this.options.onLimitReached(req, result));
+        }
+        return { ...result, headers };
+    }
+    getLimit() {
+        if (this.options.strategy === index_js_1.RateLimitStrategy.TOKEN_BUCKET) {
+            return this.options.bucketSize;
+        }
+        return this.options.maxRequests ?? 100;
+    }
+    buildPassthroughResult() {
+        const limit = this.getLimit();
+        const resetTime = new Date(Date.now() + 60000);
+        const base = {
+            totalHits: 0,
+            remaining: limit,
+            resetTime,
+            isBlocked: false,
+        };
+        return {
+            ...base,
+            headers: this.composeHeaders(base),
+        };
+    }
+    buildHeaders(result) {
+        return this.composeHeaders(result);
+    }
+    composeHeaders(result) {
+        if (this.options.headers === false) {
+            return {};
+        }
+        const limit = this.getLimit();
+        const resetSec = Math.ceil(result.resetTime.getTime() / 1000);
+        const headers = {
+            'X-RateLimit-Limit': String(limit),
+            'X-RateLimit-Remaining': String(Math.max(0, result.remaining)),
+            'X-RateLimit-Reset': String(resetSec),
+        };
+        if (result.isBlocked) {
+            const retryAfterSec = Math.max(1, Math.ceil((result.resetTime.getTime() - Date.now()) / 1000));
+            headers['Retry-After'] = String(retryAfterSec);
+        }
+        return headers;
+    }
+}
+exports.RateLimitEngine = RateLimitEngine;
+//# sourceMappingURL=rate-limit-engine.js.map

package/dist/cjs/strategies/rate-limit-engine.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit-engine.js","sourceRoot":"","sources":["../../../src/strategies/rate-limit-engine.ts"],"names":[],"mappings":";;;AAwBA,kDAkBC;AA0BD,8CAEC;AAtED,+DAAwD;AAQxD,gDAAsD;AAYtD;;;GAGG;AACH,SAAgB,mBAAmB,CAAC,GAAY;IAC9C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,GAAG,CAAC;IACb,CAAC;IACD,IAAI,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5C,MAAM,CAAC,GAAG,GAA8B,CAAC;QACzC,IAAI,OAAO,CAAC,CAAC,EAAE,KAAK,QAAQ,IAAI,CAAC,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChD,OAAO,CAAC,CAAC,EAAE,CAAC;QACd,CAAC;QACD,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC;QACxB,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,eAAe,IAAI,MAAM,EAAE,CAAC;YAC/E,MAAM,IAAI,GAAI,MAAqC,CAAC,aAAa,CAAC;YAClE,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChD,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,wBAAwB,CAAC,OAA+B;IAC/D,IAAI,OAAO,CAAC,QAAQ,KAAK,4BAAiB,CAAC,YAAY,EAAE,CAAC;QACxD,OAAO,IAAI,6BAAW,CAAC;YACrB,QAAQ,EAAE,4BAAiB,CAAC,YAAY;YACxC,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;YAC5C,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,6BAAW,CAAC;QACrB,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,4BAAiB,CAAC,cAAc;QAC9D,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,KAAM;QACpC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,GAAG;KACxC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,cAAc,CAAC,KAA6B;IACnD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,wBAAwB,CAAC,KAAK,CAAC,CAAC;IAC7D,OAAO,EAAE,GAAG,KAAK,EAAE,KAAK,EAAsB,CAAC;AACjD,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAAC,OAA+B;IAC/D,OAAO,IAAI,eAAe,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;AACtD,CAAC;AAED;;GAEG;AACH,MAAa,eAAe;IAG1B,YAAY,OAAyB;QACnC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO,CAAC,GAAY;QACxB,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,mBAAmB,CAAC,CAAC,GAAG,CAAC,CAAC;QACpE,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACvC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,cAAc,CAAC,GAAW,EAAE,MAAe,GAAG;QAClD,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC,sBAAsB,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACvD,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAE1C,IAAI,MAAM,CAAC,SAAS,IAAI,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;YACpD,MAAM,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,EAAE,GAAG,MAAM,EAAE,OAAO,EAAE,CAAC;IAChC,CAAC;IAEO,QAAQ;QACd,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,KAAK,4BAAiB,CAAC,YAAY,EAAE,CAAC;YAC7D,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC;QACjC,CAAC;QACD,OAAO,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,GAAG,CAAC;IACzC,CAAC;IAEO,sBAAsB;QAC5B,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAM,CAAC,CAAC;QAChD,MAAM,IAAI,GAAoB;YAC5B,SAAS,EAAE,CAAC;YACZ,SAAS,EAAE,KAAK;YAChB,SAAS;YACT,SAAS,EAAE,KAAK;SACjB,CAAC;QACF,OAAO;YACL,GAAG,IAAI;YACP,OAAO,EAAE,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC;SACnC,CAAC;IACJ,CAAC;IAEO,YAAY,CAAC,MAAuB;QAC1C,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IAEO,cAAc,CAAC,MAAuB;QAC5C,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;YACnC,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QAC9D,MAAM,OAAO,GAA2B;YACtC,mBAAmB,EAAE,MAAM,CAAC,KAAK,CAAC;YAClC,uBAAuB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;YAC9D,mBAAmB,EAAE,MAAM,CAAC,QAAQ,CAAC;SACtC,CAAC;QAEF,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAC5B,CAAC,EACD,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAC5D,CAAC;YACF,OAAO,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC,aAAa,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;CACF;AApFD,0CAoFC"}

package/dist/cjs/types/index.d.ts

@@ -0,0 +1,93 @@
+/** Shared types for rate limiting */
+/**
+ * Built-in rate limiting algorithms.
+ */
+export declare enum RateLimitStrategy {
+    SLIDING_WINDOW = "SLIDING_WINDOW",
+    TOKEN_BUCKET = "TOKEN_BUCKET",
+    FIXED_WINDOW = "FIXED_WINDOW"
+}
+/**
+ * Result of incrementing a counter in the backing store.
+ */
+export interface RateLimitResult {
+    totalHits: number;
+    remaining: number;
+    resetTime: Date;
+    isBlocked: boolean;
+}
+/**
+ * Pluggable persistence for rate limit state.
+ */
+export interface RateLimitStore {
+    increment(key: string): Promise<RateLimitResult>;
+    decrement(key: string): Promise<void>;
+    reset(key: string): Promise<void>;
+    shutdown(): Promise<void>;
+}
+/**
+ * Per-request rate limit snapshot (e.g. for headers or `req` augmentation).
+ */
+export interface RateLimitInfo {
+    limit: number;
+    current: number;
+    remaining: number;
+    resetTime: Date;
+}
+/**
+ * Options shared by all strategies.
+ */
+export interface RateLimitOptionsBase {
+    /**
+     * Function to extract a stable identifier for the client (e.g. IP).
+     * Default in implementations is typically `req.ip` when present.
+     */
+    keyGenerator?: (req: unknown) => string;
+    /** Invoked when the limit is exceeded. */
+    onLimitReached?: (req: unknown, result: RateLimitResult) => void | Promise<void>;
+    /** When true, failed responses do not count toward the limit. @default false */
+    skipFailedRequests?: boolean;
+    /** When true, successful responses do not count toward the limit. @default false */
+    skipSuccessfulRequests?: boolean;
+    /** When true, send `X-RateLimit-*` headers. @default true */
+    headers?: boolean;
+    /** HTTP status when blocked. @default 429 */
+    statusCode?: number;
+    /** Body or payload when blocked. @default "Too many requests" */
+    message?: string | object;
+    /** When true, rate limiting is skipped for this request. */
+    skip?: (req: unknown) => boolean;
+    /** Backing store for counters / bucket state. */
+    store: RateLimitStore;
+}
+/**
+ * Options for sliding-window and fixed-window strategies.
+ * @default strategy SLIDING_WINDOW, windowMs 60000, maxRequests 100
+ */
+export interface WindowRateLimitOptions extends RateLimitOptionsBase {
+    strategy?: RateLimitStrategy.SLIDING_WINDOW | RateLimitStrategy.FIXED_WINDOW;
+    /** Time window in milliseconds. @default 60000 */
+    windowMs?: number;
+    /** Max requests allowed per window. @default 100 */
+    maxRequests?: number;
+}
+/**
+ * Options when using {@link RateLimitStrategy.TOKEN_BUCKET}.
+ */
+export interface TokenBucketRateLimitOptions extends RateLimitOptionsBase {
+    strategy: RateLimitStrategy.TOKEN_BUCKET;
+    /** Tokens added per {@link TokenBucketRateLimitOptions.interval}. */
+    tokensPerInterval: number;
+    /** Interval length in milliseconds. */
+    interval: number;
+    /** Maximum tokens (burst capacity). */
+    bucketSize: number;
+}
+/**
+ * Configuration for the rate limiter.
+ *
+ * Use {@link WindowRateLimitOptions} for sliding/fixed window, or
+ * {@link TokenBucketRateLimitOptions} for token bucket (extra fields required).
+ */
+export type RateLimitOptions = WindowRateLimitOptions | TokenBucketRateLimitOptions;
+//# sourceMappingURL=index.d.ts.map

package/dist/cjs/types/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/types/index.ts"],"names":[],"mappings":"AAAA,qCAAqC;AAErC;;GAEG;AACH,oBAAY,iBAAiB;IAC3B,cAAc,mBAAmB;IACjC,YAAY,iBAAiB;IAC7B,YAAY,iBAAiB;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,OAAO,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;IACjD,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACtC,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAClC,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;IAExC,0CAA0C;IAC1C,cAAc,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,eAAe,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjF,gFAAgF;IAChF,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAE7B,oFAAoF;IACpF,sBAAsB,CAAC,EAAE,OAAO,CAAC;IAEjC,6DAA6D;IAC7D,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,6CAA6C;IAC7C,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,iEAAiE;IACjE,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAE1B,4DAA4D;IAC5D,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,OAAO,CAAC;IAEjC,iDAAiD;IACjD,KAAK,EAAE,cAAc,CAAC;CACvB;AAED;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,oBAAoB;IAClE,QAAQ,CAAC,EAAE,iBAAiB,CAAC,cAAc,GAAG,iBAAiB,CAAC,YAAY,CAAC;IAE7E,kDAAkD;IAClD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,oDAAoD;IACpD,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,2BAA4B,SAAQ,oBAAoB;IACvE,QAAQ,EAAE,iBAAiB,CAAC,YAAY,CAAC;IAEzC,qEAAqE;IACrE,iBAAiB,EAAE,MAAM,CAAC;IAE1B,uCAAuC;IACvC,QAAQ,EAAE,MAAM,CAAC;IAEjB,uCAAuC;IACvC,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;;;;GAKG;AACH,MAAM,MAAM,gBAAgB,GAAG,sBAAsB,GAAG,2BAA2B,CAAC"}

package/dist/cjs/types/index.js

@@ -0,0 +1,14 @@
+"use strict";
+/** Shared types for rate limiting */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RateLimitStrategy = void 0;
+/**
+ * Built-in rate limiting algorithms.
+ */
+var RateLimitStrategy;
+(function (RateLimitStrategy) {
+    RateLimitStrategy["SLIDING_WINDOW"] = "SLIDING_WINDOW";
+    RateLimitStrategy["TOKEN_BUCKET"] = "TOKEN_BUCKET";
+    RateLimitStrategy["FIXED_WINDOW"] = "FIXED_WINDOW";
+})(RateLimitStrategy || (exports.RateLimitStrategy = RateLimitStrategy = {}));
+//# sourceMappingURL=index.js.map

package/dist/cjs/types/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/types/index.ts"],"names":[],"mappings":";AAAA,qCAAqC;;;AAErC;;GAEG;AACH,IAAY,iBAIX;AAJD,WAAY,iBAAiB;IAC3B,sDAAiC,CAAA;IACjC,kDAA6B,CAAA;IAC7B,kDAA6B,CAAA;AAC/B,CAAC,EAJW,iBAAiB,iCAAjB,iBAAiB,QAI5B"}

package/dist/cjs/utils/index.d.ts

@@ -0,0 +1,3 @@
+/** Internal utilities */
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/cjs/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/index.ts"],"names":[],"mappings":"AAAA,yBAAyB;AAEzB,OAAO,EAAE,CAAC"}

package/dist/cjs/utils/index.js

@@ -0,0 +1,4 @@
+"use strict";
+/** Internal utilities */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=index.js.map

package/dist/cjs/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/utils/index.ts"],"names":[],"mappings":";AAAA,yBAAyB"}

package/dist/index.d.ts

@@ -0,0 +1,32 @@
+/**
+ * ratelimit-flex — flexible rate limiting for Node.js
+ */
+import { expressRateLimiter } from './middleware/express.js';
+import { fastifyRateLimiter } from './middleware/fastify.js';
+import type { RateLimitOptions } from './types/index.js';
+export declare const VERSION = "0.1.0";
+export { expressRateLimiter, fastifyRateLimiter };
+export { RateLimitEngine, createRateLimiter as createRateLimitEngine, defaultKeyGenerator, type RateLimitConsumeResult, type RateLimiterConfigInput, } from './strategies/rate-limit-engine.js';
+export { MemoryStore } from './stores/memory-store.js';
+export { RedisStore } from './stores/redis-store.js';
+export { fixedWindowDefaults, slidingWindowDefaults, tokenBucketDefaults } from './strategies/defaults.js';
+export * from './types/index.js';
+export { RateLimitStrategy } from './types/index.js';
+/**
+ * Convenience factory that returns both Express middleware and Fastify plugin.
+ *
+ * Usage:
+ * ```ts
+ * const limiter = createRateLimiter({ maxRequests: 100 });
+ * app.use(limiter.express);           // Express
+ * await app.register(limiter.fastify); // Fastify
+ * ```
+ *
+ * Prefer importing `expressRateLimiter` or `fastifyRateLimiter` directly when framework is known.
+ */
+export declare function createRateLimiter(options: Partial<RateLimitOptions>): {
+    express: import("express").RequestHandler<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>;
+    fastify: typeof fastifyRateLimiter;
+};
+export default expressRateLimiter;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAGzD,eAAO,MAAM,OAAO,UAAU,CAAC;AAG/B,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,CAAC;AAGlD,OAAO,EACL,eAAe,EACf,iBAAiB,IAAI,qBAAqB,EAC1C,mBAAmB,EACnB,KAAK,sBAAsB,EAC3B,KAAK,sBAAsB,GAC5B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAGrD,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAG3G,cAAc,kBAAkB,CAAC;AACjC,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD;;;;;;;;;;;GAWG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,gBAAgB,CAAC;;aActC,OAAO,kBAAkB;EAEtD;AAGD,eAAe,kBAAkB,CAAC"}

package/dist/index.js

@@ -0,0 +1,43 @@
+/**
+ * ratelimit-flex — flexible rate limiting for Node.js
+ */
+import { expressRateLimiter } from './middleware/express.js';
+import { fastifyRateLimiter } from './middleware/fastify.js';
+import fp from 'fastify-plugin';
+export const VERSION = '0.1.0';
+// Framework adapters
+export { expressRateLimiter, fastifyRateLimiter };
+// Core engine and stores
+export { RateLimitEngine, createRateLimiter as createRateLimitEngine, defaultKeyGenerator, } from './strategies/rate-limit-engine.js';
+export { MemoryStore } from './stores/memory-store.js';
+export { RedisStore } from './stores/redis-store.js';
+// Built-in defaults
+export { fixedWindowDefaults, slidingWindowDefaults, tokenBucketDefaults } from './strategies/defaults.js';
+// Shared types and enums
+export * from './types/index.js';
+export { RateLimitStrategy } from './types/index.js';
+/**
+ * Convenience factory that returns both Express middleware and Fastify plugin.
+ *
+ * Usage:
+ * ```ts
+ * const limiter = createRateLimiter({ maxRequests: 100 });
+ * app.use(limiter.express);           // Express
+ * await app.register(limiter.fastify); // Fastify
+ * ```
+ *
+ * Prefer importing `expressRateLimiter` or `fastifyRateLimiter` directly when framework is known.
+ */
+export function createRateLimiter(options) {
+    const wrappedPlugin = fp(async (fastify, pluginOpts = {}) => {
+        const merged = { ...options, ...pluginOpts };
+        return fastifyRateLimiter(fastify, merged);
+    }, { name: 'ratelimit-flex-wrapper' });
+    return {
+        express: expressRateLimiter(options),
+        fastify: wrappedPlugin,
+    };
+}
+// Express is the most common default integration path.
+export default expressRateLimiter;
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAE7D,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAEhC,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B,qBAAqB;AACrB,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,CAAC;AAElD,yBAAyB;AACzB,OAAO,EACL,eAAe,EACf,iBAAiB,IAAI,qBAAqB,EAC1C,mBAAmB,GAGpB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD,oBAAoB;AACpB,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAE3G,yBAAyB;AACzB,cAAc,kBAAkB,CAAC;AACjC,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAkC;IAClE,MAAM,aAAa,GAAG,EAAE,CACtB,KAAK,EAAE,OAAgB,EAAE,aAAwC,EAAE,EAAE,EAAE;QACrE,MAAM,MAAM,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;QAC7C,OAAQ,kBAA6F,CACnG,OAAO,EACP,MAAM,CACP,CAAC;IACJ,CAAC,EACD,EAAE,IAAI,EAAE,wBAAwB,EAAE,CACnC,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,kBAAkB,CAAC,OAAO,CAAC;QACpC,OAAO,EAAE,aAA0C;KACpD,CAAC;AACJ,CAAC;AAED,uDAAuD;AACvD,eAAe,kBAAkB,CAAC"}

package/dist/middleware/express.d.ts

@@ -0,0 +1,18 @@
+import type { RequestHandler } from 'express';
+import type { RateLimitInfo, RateLimitOptions } from '../types/index.js';
+declare module 'express-serve-static-core' {
+    interface Request {
+        /** Populated by {@link expressRateLimiter} after a successful consume (not blocked). */
+        rateLimit?: RateLimitInfo;
+    }
+}
+/**
+ * Express middleware factory. One {@link RateLimitEngine} and store are created per call (singleton for that middleware instance).
+ *
+ * @example
+ * ```ts
+ * app.use(expressRateLimiter({ maxRequests: 50 }));
+ * ```
+ */
+export declare function expressRateLimiter(options: Partial<RateLimitOptions>): RequestHandler;
+//# sourceMappingURL=express.d.ts.map

package/dist/middleware/express.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"express.d.ts","sourceRoot":"","sources":["../../src/middleware/express.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAyB,cAAc,EAAY,MAAM,SAAS,CAAC;AAE/E,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAGzE,OAAO,QAAQ,2BAA2B,CAAC;IACzC,UAAU,OAAO;QACf,wFAAwF;QACxF,SAAS,CAAC,EAAE,aAAa,CAAC;KAC3B;CACF;AAQD;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,cAAc,CAkDrF"}

package/dist/middleware/express.js

@@ -0,0 +1,58 @@
+import { RateLimitEngine, defaultKeyGenerator } from '../strategies/rate-limit-engine.js';
+import { jsonErrorBody, mergeRateLimiterOptions, toRateLimitInfo } from './merge-options.js';
+function applyHeaders(res, headers) {
+    for (const [name, value] of Object.entries(headers)) {
+        res.setHeader(name, value);
+    }
+}
+/**
+ * Express middleware factory. One {@link RateLimitEngine} and store are created per call (singleton for that middleware instance).
+ *
+ * @example
+ * ```ts
+ * app.use(expressRateLimiter({ maxRequests: 50 }));
+ * ```
+ */
+export function expressRateLimiter(options) {
+    const resolved = mergeRateLimiterOptions(options);
+    const { onLimitReached, ...engineOptions } = resolved;
+    const engine = new RateLimitEngine(engineOptions);
+    const keyGen = resolved.keyGenerator ?? defaultKeyGenerator;
+    return async function rateLimitMiddleware(req, res, next) {
+        if (resolved.skip?.(req) === true) {
+            next();
+            return;
+        }
+        const key = keyGen(req);
+        const result = await engine.consumeWithKey(key, req);
+        if (resolved.headers !== false) {
+            applyHeaders(res, result.headers);
+        }
+        if (result.isBlocked) {
+            if (onLimitReached) {
+                await Promise.resolve(onLimitReached(req, result));
+            }
+            res
+                .status(resolved.statusCode ?? 429)
+                .json(jsonErrorBody(resolved.message ?? 'Too many requests'));
+            return;
+        }
+        req.rateLimit = toRateLimitInfo(resolved, result);
+        const shouldDecrementFailed = resolved.skipFailedRequests === true;
+        const shouldDecrementSuccess = resolved.skipSuccessfulRequests === true;
+        if (shouldDecrementFailed || shouldDecrementSuccess) {
+            res.once('finish', () => {
+                const status = res.statusCode;
+                const failed = status >= 400;
+                const success = status < 400;
+                if ((shouldDecrementFailed && failed) || (shouldDecrementSuccess && success)) {
+                    void resolved.store.decrement(key).catch(() => {
+                        /* ignore */
+                    });
+                }
+            });
+        }
+        next();
+    };
+}
+//# sourceMappingURL=express.js.map

package/dist/middleware/express.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"express.js","sourceRoot":"","sources":["../../src/middleware/express.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAE1F,OAAO,EAAE,aAAa,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAS7F,SAAS,YAAY,CAAC,GAAa,EAAE,OAA+B;IAClE,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACpD,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC7B,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAkC;IACnE,MAAM,QAAQ,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAC;IAClD,MAAM,EAAE,cAAc,EAAE,GAAG,aAAa,EAAE,GAAG,QAAQ,CAAC;IACtD,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,aAAa,CAAC,CAAC;IAClD,MAAM,MAAM,GAAG,QAAQ,CAAC,YAAY,IAAI,mBAAmB,CAAC;IAE5D,OAAO,KAAK,UAAU,mBAAmB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;QACvF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;YAClC,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;QAExB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAErD,IAAI,QAAQ,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;YAC/B,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;QACpC,CAAC;QAED,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,IAAI,cAAc,EAAE,CAAC;gBACnB,MAAM,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC;YACrD,CAAC;YACD,GAAG;iBACA,MAAM,CAAC,QAAQ,CAAC,UAAU,IAAI,GAAG,CAAC;iBAClC,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,OAAO,IAAI,mBAAmB,CAAC,CAAC,CAAC;YAChE,OAAO;QACT,CAAC;QAED,GAAG,CAAC,SAAS,GAAG,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAElD,MAAM,qBAAqB,GAAG,QAAQ,CAAC,kBAAkB,KAAK,IAAI,CAAC;QACnE,MAAM,sBAAsB,GAAG,QAAQ,CAAC,sBAAsB,KAAK,IAAI,CAAC;QAExE,IAAI,qBAAqB,IAAI,sBAAsB,EAAE,CAAC;YACpD,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE;gBACtB,MAAM,MAAM,GAAG,GAAG,CAAC,UAAU,CAAC;gBAC9B,MAAM,MAAM,GAAG,MAAM,IAAI,GAAG,CAAC;gBAC7B,MAAM,OAAO,GAAG,MAAM,GAAG,GAAG,CAAC;gBAC7B,IAAI,CAAC,qBAAqB,IAAI,MAAM,CAAC,IAAI,CAAC,sBAAsB,IAAI,OAAO,CAAC,EAAE,CAAC;oBAC7E,KAAK,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;wBAC5C,YAAY;oBACd,CAAC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}

package/dist/middleware/fastify.d.ts

@@ -0,0 +1,21 @@
+import type { FastifyPluginAsync } from 'fastify';
+import type { RateLimitInfo, RateLimitOptions } from '../types/index.js';
+declare module 'fastify' {
+    interface FastifyRequest {
+        /** Populated by {@link fastifyRateLimiter} after a successful consume (not blocked). */
+        rateLimit?: RateLimitInfo;
+        /** Internal: storage key for optional response-based decrement. */
+        rateLimitKey?: string;
+        /** Internal: when to consider decrement on `onResponse`. */
+        rateLimitDecrementFlags?: {
+            onFailed: boolean;
+            onSuccess: boolean;
+        };
+    }
+}
+/**
+ * Fastify plugin (wrapped with `fastify-plugin` for correct encapsulation).
+ * Registers `onRequest` / `onResponse` hooks; one {@link RateLimitEngine} and store per registration.
+ */
+export declare const fastifyRateLimiter: FastifyPluginAsync<Partial<RateLimitOptions>>;
+//# sourceMappingURL=fastify.d.ts.map

package/dist/middleware/fastify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fastify.d.ts","sourceRoot":"","sources":["../../src/middleware/fastify.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAGlD,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAGzE,OAAO,QAAQ,SAAS,CAAC;IACvB,UAAU,cAAc;QACtB,wFAAwF;QACxF,SAAS,CAAC,EAAE,aAAa,CAAC;QAC1B,mEAAmE;QACnE,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,4DAA4D;QAC5D,uBAAuB,CAAC,EAAE;YACxB,QAAQ,EAAE,OAAO,CAAC;YAClB,SAAS,EAAE,OAAO,CAAC;SACpB,CAAC;KACH;CACF;AA6DD;;;GAGG;AACH,eAAO,MAAM,kBAAkB,+CAE7B,CAAC"}

package/dist/middleware/fastify.js

@@ -0,0 +1,60 @@
+import fp from 'fastify-plugin';
+import { RateLimitEngine, defaultKeyGenerator } from '../strategies/rate-limit-engine.js';
+import { jsonErrorBody, mergeRateLimiterOptions, toRateLimitInfo } from './merge-options.js';
+const plugin = async (fastify, options) => {
+    const resolved = mergeRateLimiterOptions(options);
+    const { onLimitReached, ...engineOptions } = resolved;
+    const engine = new RateLimitEngine(engineOptions);
+    const keyGen = resolved.keyGenerator ?? defaultKeyGenerator;
+    fastify.addHook('onRequest', async (request, reply) => {
+        if (resolved.skip?.(request) === true) {
+            return;
+        }
+        const key = keyGen(request);
+        const result = await engine.consumeWithKey(key, request);
+        if (resolved.headers !== false) {
+            for (const [name, value] of Object.entries(result.headers)) {
+                reply.header(name, value);
+            }
+        }
+        if (result.isBlocked) {
+            if (onLimitReached) {
+                await Promise.resolve(onLimitReached(request, result));
+            }
+            await reply
+                .status(resolved.statusCode ?? 429)
+                .send(jsonErrorBody(resolved.message ?? 'Too many requests'));
+            return;
+        }
+        request.rateLimit = toRateLimitInfo(resolved, result);
+        const onFailed = resolved.skipFailedRequests === true;
+        const onSuccess = resolved.skipSuccessfulRequests === true;
+        if (onFailed || onSuccess) {
+            request.rateLimitKey = key;
+            request.rateLimitDecrementFlags = { onFailed, onSuccess };
+        }
+    });
+    fastify.addHook('onResponse', async (request, reply) => {
+        const key = request.rateLimitKey;
+        const flags = request.rateLimitDecrementFlags;
+        if (!key || !flags) {
+            return;
+        }
+        const status = reply.statusCode;
+        const failed = status >= 400;
+        const success = status < 400;
+        if ((flags.onFailed && failed) || (flags.onSuccess && success)) {
+            void resolved.store.decrement(key).catch(() => {
+                /* ignore */
+            });
+        }
+    });
+};
+/**
+ * Fastify plugin (wrapped with `fastify-plugin` for correct encapsulation).
+ * Registers `onRequest` / `onResponse` hooks; one {@link RateLimitEngine} and store per registration.
+ */
+export const fastifyRateLimiter = fp(plugin, {
+    name: 'ratelimit-flex',
+});
+//# sourceMappingURL=fastify.js.map

package/dist/middleware/fastify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fastify.js","sourceRoot":"","sources":["../../src/middleware/fastify.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAChC,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAE1F,OAAO,EAAE,aAAa,EAAE,uBAAuB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAgB7F,MAAM,MAAM,GAAkD,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE;IACvF,MAAM,QAAQ,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAC;IAClD,MAAM,EAAE,cAAc,EAAE,GAAG,aAAa,EAAE,GAAG,QAAQ,CAAC;IACtD,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,aAAa,CAAC,CAAC;IAClD,MAAM,MAAM,GAAG,QAAQ,CAAC,YAAY,IAAI,mBAAmB,CAAC;IAE5D,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QACpD,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;YACtC,OAAO;QACT,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;QAC5B,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAEzD,IAAI,QAAQ,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;YAC/B,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3D,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;QAED,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,IAAI,cAAc,EAAE,CAAC;gBACnB,MAAM,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;YACzD,CAAC;YACD,MAAM,KAAK;iBACR,MAAM,CAAC,QAAQ,CAAC,UAAU,IAAI,GAAG,CAAC;iBAClC,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,OAAO,IAAI,mBAAmB,CAAC,CAAC,CAAC;YAChE,OAAO;QACT,CAAC;QAED,OAAO,CAAC,SAAS,GAAG,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAEtD,MAAM,QAAQ,GAAG,QAAQ,CAAC,kBAAkB,KAAK,IAAI,CAAC;QACtD,MAAM,SAAS,GAAG,QAAQ,CAAC,sBAAsB,KAAK,IAAI,CAAC;QAC3D,IAAI,QAAQ,IAAI,SAAS,EAAE,CAAC;YAC1B,OAAO,CAAC,YAAY,GAAG,GAAG,CAAC;YAC3B,OAAO,CAAC,uBAAuB,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;QAC5D,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QACrD,MAAM,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;QACjC,MAAM,KAAK,GAAG,OAAO,CAAC,uBAAuB,CAAC;QAC9C,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;YACnB,OAAO;QACT,CAAC;QAED,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,CAAC;QAChC,MAAM,MAAM,GAAG,MAAM,IAAI,GAAG,CAAC;QAC7B,MAAM,OAAO,GAAG,MAAM,GAAG,GAAG,CAAC;QAE7B,IAAI,CAAC,KAAK,CAAC,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,IAAI,OAAO,CAAC,EAAE,CAAC;YAC/D,KAAK,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;gBAC5C,YAAY;YACd,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,CAAC,MAAM,EAAE;IAC3C,IAAI,EAAE,gBAAgB;CACvB,CAAC,CAAC"}

package/dist/middleware/index.d.ts

@@ -0,0 +1,4 @@
+/** Framework middleware adapters (Express, Fastify, etc.) */
+export { expressRateLimiter } from './express.js';
+export { fastifyRateLimiter } from './fastify.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/middleware/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,6DAA6D;AAE7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC"}

package/dist/middleware/index.js

@@ -0,0 +1,4 @@
+/** Framework middleware adapters (Express, Fastify, etc.) */
+export { expressRateLimiter } from './express.js';
+export { fastifyRateLimiter } from './fastify.js';
+//# sourceMappingURL=index.js.map

package/dist/middleware/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,6DAA6D;AAE7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC"}

package/dist/middleware/merge-options.d.ts

@@ -0,0 +1,16 @@
+import type { RateLimitInfo, RateLimitOptions, RateLimitResult } from '../types/index.js';
+export declare const baseDefaults: {
+    readonly headers: true;
+    readonly statusCode: 429;
+    readonly message: "Too many requests";
+    readonly skipFailedRequests: false;
+    readonly skipSuccessfulRequests: false;
+};
+export declare function getLimit(opts: RateLimitOptions): number;
+/**
+ * Merge partial options with strategy defaults and ensure a {@link MemoryStore} when `store` is omitted.
+ */
+export declare function mergeRateLimiterOptions(options: Partial<RateLimitOptions>): RateLimitOptions;
+export declare function toRateLimitInfo(opts: RateLimitOptions, result: RateLimitResult): RateLimitInfo;
+export declare function jsonErrorBody(message: string | object): object;
+//# sourceMappingURL=merge-options.d.ts.map

package/dist/middleware/merge-options.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"merge-options.d.ts","sourceRoot":"","sources":["../../src/middleware/merge-options.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAG1F,eAAO,MAAM,YAAY;;;;;;CAMf,CAAC;AAEX,wBAAgB,QAAQ,CAAC,IAAI,EAAE,gBAAgB,GAAG,MAAM,CAKvD;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,gBAAgB,CAwC5F;AAED,wBAAgB,eAAe,CAAC,IAAI,EAAE,gBAAgB,EAAE,MAAM,EAAE,eAAe,GAAG,aAAa,CAO9F;AAED,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAE9D"}

package/dist/middleware/merge-options.js

@@ -0,0 +1,64 @@
+import { MemoryStore } from '../stores/memory-store.js';
+import { fixedWindowDefaults, slidingWindowDefaults, tokenBucketDefaults, } from '../strategies/defaults.js';
+import { RateLimitStrategy } from '../types/index.js';
+export const baseDefaults = {
+    headers: true,
+    statusCode: 429,
+    message: 'Too many requests',
+    skipFailedRequests: false,
+    skipSuccessfulRequests: false,
+};
+export function getLimit(opts) {
+    if (opts.strategy === RateLimitStrategy.TOKEN_BUCKET) {
+        return opts.bucketSize;
+    }
+    return opts.maxRequests ?? 100;
+}
+/**
+ * Merge partial options with strategy defaults and ensure a {@link MemoryStore} when `store` is omitted.
+ */
+export function mergeRateLimiterOptions(options) {
+    const strategy = options.strategy ?? RateLimitStrategy.SLIDING_WINDOW;
+    if (strategy === RateLimitStrategy.TOKEN_BUCKET) {
+        const merged = {
+            ...tokenBucketDefaults,
+            ...baseDefaults,
+            ...options,
+            strategy: RateLimitStrategy.TOKEN_BUCKET,
+        };
+        const store = merged.store ??
+            new MemoryStore({
+                strategy: RateLimitStrategy.TOKEN_BUCKET,
+                tokensPerInterval: merged.tokensPerInterval,
+                interval: merged.interval,
+                bucketSize: merged.bucketSize,
+            });
+        return { ...merged, store };
+    }
+    const windowDefaults = strategy === RateLimitStrategy.FIXED_WINDOW ? fixedWindowDefaults : slidingWindowDefaults;
+    const merged = {
+        ...windowDefaults,
+        ...baseDefaults,
+        ...options,
+        strategy,
+    };
+    const store = merged.store ??
+        new MemoryStore({
+            strategy: merged.strategy,
+            windowMs: merged.windowMs ?? 60000,
+            maxRequests: merged.maxRequests ?? 100,
+        });
+    return { ...merged, store };
+}
+export function toRateLimitInfo(opts, result) {
+    return {
+        limit: getLimit(opts),
+        current: result.totalHits,
+        remaining: result.remaining,
+        resetTime: result.resetTime,
+    };
+}
+export function jsonErrorBody(message) {
+    return { error: message };
+}
+//# sourceMappingURL=merge-options.js.map