express-objection-starter icon indicating copy to clipboard operation
express-objection-starter copied to clipboard

Published 20 hours ago verified publisher icon JaneJeon

Rate limiting

Open JaneJeon opened this issue 5 years ago • 0 comments

Assuming #23 is set up, we can use rate limiting on the API side as a means of limiting actions (not DDOS, because if we hit Redis for every request during DDOS... yikes)

The question remains how we would protect per IP vs. per account, and how to protect endpoints differently

Some possible libraries:

  • https://github.com/animir/node-rate-limiter-flexible
  • https://github.com/AdamPflug/express-brute
  • https://github.com/nfriedly/express-rate-limit

JaneJeon avatar Aug 19 '19 21:08 JaneJeon