Rate Limit Configs
Axe API provides an internal rate limiter. You can enable or disable it in your configuration file.
ts
import { IApplicationConfig } from "axe-api";
const config: IApplicationConfig = {
rateLimit: {
enabled: false,
maxRequests: 200,
windowInSeconds: 5,
trustProxyIP: false,
adaptor: {
type: "memory",
},
keyGenerator: (req: IncomingMessage) => {
return `${req.socket.remoteAddress}:${req.method}:${req.url}`;
},
},
};
export default config;enabled
The rate limiter can be enabled or disabled via the configuration item. It should be boolean.
maxRequests
The maximum acceptable request count during the time window for the generated key.
windowInSeconds
The request time window. The value must be specified in seconds.
trustProxyIP
It is an option to be able to trust the X-Forwarded-For HTTP header value if the API is running behind a proxy server.
The default value is false.
WARNING
This parameter would be ignored if you define a custom keyGenerator() function.
adaptor
The data storing adaptor. You can select memory or redis.
ts
import { IApplicationConfig } from "axe-api";
const config: IApplicationConfig = {
rateLimit: {
...
adaptor: {
type: "memory",
},
},
};
export default config;ts
import { IApplicationConfig } from "axe-api";
const config: IApplicationConfig = {
rateLimit: {
...
adaptor: {
type: "redis",
redis: {
host: "your_redis_host",
port: 6379,
password: "your_password",
db: 0,
},
},
},
};
export default config;keyGenerator
You can define your custom keyGenerator() function to specify the HTTP client authentication.
ts
import { IApplicationConfig } from "axe-api";
const config: IApplicationConfig = {
rateLimit: {
...,
keyGenerator: (req: IncomingMessage) => {
// The key will be generated by the logged user id
return req.auth.userId;
},
},
};
export default config;