{"id":17749427,"url":"https://github.com/oresoftware/curtain","last_synced_at":"2025-04-01T08:11:10.595Z","repository":{"id":95712277,"uuid":"50986147","full_name":"ORESoftware/curtain","owner":"ORESoftware","description":"Node.js rate limiter using Redis","archived":false,"fork":false,"pushed_at":"2017-03-04T03:16:16.000Z","size":77,"stargazers_count":2,"open_issues_count":1,"forks_count":0,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-11-24T09:34:09.233Z","etag":null,"topics":["nodejs","npm","npm-package","rate-limiting","redis","suman","sumanjs"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ORESoftware.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-02-03T08:42:01.000Z","updated_at":"2024-08-05T21:32:45.000Z","dependencies_parsed_at":null,"dependency_job_id":"d356ffbd-b560-48aa-8e1b-8458429073f5","html_url":"https://github.com/ORESoftware/curtain","commit_stats":{"total_commits":57,"total_committers":6,"mean_commits":9.5,"dds":0.7017543859649122,"last_synced_commit":"bc98e91bbd9bdfce67df877e77d0aaa4edf4b82a"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ORESoftware%2Fcurtain","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ORESoftware%2Fcurtain/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ORESoftware%2Fcurtain/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ORESoftware%2Fcurtain/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ORESoftware","download_url":"https://codeload.github.com/ORESoftware/curtain/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246604610,"owners_count":20804100,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["nodejs","npm","npm-package","rate-limiting","redis","suman","sumanjs"],"created_at":"2024-10-26T11:23:15.895Z","updated_at":"2025-04-01T08:11:10.579Z","avatar_url":"https://github.com/ORESoftware.png","language":"JavaScript","readme":"\n\n# Curtain\n\nThis library is designed to make a yes/no decision about whether to admit a request or to determine that\na request has exceeed a threshold and should be rejected with a HTTP 429 or other relevant HTTP response.\n\n\u003cbr /\u003e\n\n[![NPM](https://nodei.co/npm/curtain.png?downloads=true\u0026downloadRank=true\u0026stars=true)](https://nodei.co/npm/curtain/)\n\n\u003cbr /\u003e\n\n## Usage\n\n(See the /test folder in the project for more examples)\n\n\n```javascript\n\n// import the code\nconst RateLimiter = require('curtain');\n\n// initialize a new rlm instance (only really need one per redis connection)\nconst rlm = new RateLimiter({\n    redis: {\n        port: 6379,\n        host: '127.0.0.1',\n        db: 0\n    }\n});\n\n\n // promise based interface\napp.use(function (req, res, next) {\n\n    rlm.limit({\n\n        req: req,\n        excludeRoutes: [],\n        maxReqsPerPeriod: 10,\n        periodMillis: 1000,\n        identifier: 'ip'\n\n    }).then(function (data) {\n\n        if (data.rateExceeded) {\n            res.status(429).json({error: 'Rate limit exceeded', length: data.length});\n        } else {\n            next();\n        }\n\n    }, function (err) {\n\n        if (!err.curtainError) {  //this error is not from the curtain library, pass it on\n            return next(err);\n        }\n\n        switch (err.type) {\n            case rlm.errors.REDIS_ERROR:\n                err.status = 500;\n                break;\n            case rlm.errors.NO_KEY: // whatever you chose to use as you're request unique identifier, there was a problem finding it\n                err.status = 500;\n                break;\n            case rlm.errors.BAD_ARGUMENTS: //if you have some dynamicism in your project, then maybe you could pass bad args at runtime\n                err.status = 500;\n                break;\n            default:\n                throw new Error('Unexpected err via rate limiter:' + err);\n        }\n\n        next(err);\n\n    });\n\n});\n\n\n// middleware based interface\n app.use(rlm.limitMiddleware({\n \n     excludeRoutes: [],\n     maxReqsPerPeriod: 5,\n     periodMillis: 2000,\n     identifier: 'ip'\n \n }), function (err, req, res, next) {\n \n     if (!err.curtainError) {  //this error is not from the curtain library, pass it on\n         console.log('zzzz');\n         return next(err);\n     }\n \n     switch (err.type) {\n         case rlm.errors.REDIS_ERROR:\n             err.status = 500;\n             break;\n         case rlm.errors.NO_KEY: // whatever you chose to use as you're request unique identifier, there was a problem finding it\n             err.status = 500;\n             break;\n         case rlm.errors.BAD_ARGUMENTS: //if you have some dynamicism in your project, then maybe you could pass bad args at runtime\n             err.status = 500;\n             break;\n         default:\n             throw new Error('Unexpected err via rate limiter XXX:' + typeof (err.stack || err) === 'string' ?\n                 (err.stack || err) : util.inspect(err));\n     }\n \n     next(err);\n \n }, function(req,res,next){\n \n     if(req.curtain.rateExceeded){\n         res.status(429).json({error: 'Rate limit exceeded'});\n     }\n     else{\n         next();\n     }\n \n });\n \n\n```\n\n\nyou can also pass in an existing Redis client like so:\n\n\n```javascript\nconst RateLimiter = require('curtain');\n\nvar rlm = new RateLimiter({\n    redis: {\n        client: yourClient \n    }\n});\n```\n\nNote: This library calls your error handling middleware. When the rate limit is exceeded by the newest request \nit will call your promixate error handling middleware; this same middleware will also be called if any other types of errors occur. \nAll errors (whether they are Redis errors or rate limit errors) should be handled by you like this:\n\n\u003cbr /\u003e\n\u003cbr /\u003e\n\u003cbr /\u003e\n\nIf you don't use the ip value of req.ip, (which you probably shouldn't) then you need to attach a value to req representing \nthe key to use for that user that is making the request.\n\nThat might look like this:\n\n```javascript\n\nreq['foo-bar'] = 'some-unique-request-id-for-your-app';\n\n\nrlm.limit({\n\n    req: req,\n    maxReqsPerPeriod: 150,          // maximum number of requests that are allowed to occur during a window\n    periodMillis: 3000,             // the window period in milliseconds\n    identifier: 'foo-bar'           // string representing what value to read off the req object\n    \n})\n\n```","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foresoftware%2Fcurtain","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Foresoftware%2Fcurtain","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foresoftware%2Fcurtain/lists"}