使用 express-rate-limit 为单个路由设置不同的速率限制器
Set different rate limiters for a single route using express-rate-limit
我在快递中有这样一条路线
router.route('/sign-upload').post(signUpload)
而且我想根据请求对该路由使用不同的速率限制器。
router.route('/sign-upload').post(function (req, res, next) {
switch (req.body.qty) {
case 'one':
console.log('case one')
B1Limiter
break
case '10-50':
console.log('case 10-50')
B10To50Limiter
break
case '50-250':
console.log('case 50-250')
B50To250Limiter
break
case '250-1000':
console.log('case 250-1000')
B250To1kLimiter
break
default:
console.log('case default')
B1Limiter
break
}
next()},signUpload)
这些是我的限制器:
import rateLimit from 'express-rate-limit'
// B1 15req/hr
export const B1Limiter = rateLimit({
windowMs: 60 * 60 * 1000,
max: 15,
message: 'Too many requests from this IP. Please try again after an hour',
})
// B10-50 300req/day
export const B10To50Limiter = rateLimit({
windowMs: 24 * 60 * 60 * 1000,
max: 300,
message: 'Too many requests from this IP. Please try again tomorrow',
})
// B50-250 750req/3 days
export const B50To250Limiter = rateLimit({
windowMs: 3 * 24 * 60 * 60 * 1000,
max: 750,
message: 'Too many requests from this IP. Please try again after three days',
})
// B250-1000 3kreq/week
export const B250To1kLimiter = rateLimit({
windowMs: 7 * 24 * 60 * 60 * 1000,
max: 3000,
message: 'Too many requests from this IP. Please try again after week',
})
此代码的速率限制器未执行。不知道为什么。
我不能使用单个限制器,因为 windowMs 和 message 不是函数。
https://github.com/nfriedly/express-rate-limit/issues/122
如果我移除开关盒并仅使用一个限制器,限制器就会工作
router.route('/sign-upload').post(B1Limiter,signUpload)
这是否意味着我必须为每个速率限制器创建单独的路由?
您可以有条件地 select 并像这样执行您想要的中间件:
router.route('/sign-upload').post(function (req, res, next) {
let limiter = B1Limiter;
switch (req.body.qty) {
case 'one':
console.log('case one')
limiter = B1Limiter
break
case '10-50':
console.log('case 10-50')
limiter = B10To50Limiter
break
case '50-250':
console.log('case 50-250')
limiter = B50To250Limiter
break
case '250-1000':
console.log('case 250-1000')
limiter = B250To1kLimiter
break
default:
console.log('case default')
limiter = B1Limiter
break
}
// now call the selected middleware and
// let it handle calling next()
limiter(req, res, next);
}, signUpload);
我在快递中有这样一条路线
router.route('/sign-upload').post(signUpload)
而且我想根据请求对该路由使用不同的速率限制器。
router.route('/sign-upload').post(function (req, res, next) {
switch (req.body.qty) {
case 'one':
console.log('case one')
B1Limiter
break
case '10-50':
console.log('case 10-50')
B10To50Limiter
break
case '50-250':
console.log('case 50-250')
B50To250Limiter
break
case '250-1000':
console.log('case 250-1000')
B250To1kLimiter
break
default:
console.log('case default')
B1Limiter
break
}
next()},signUpload)
这些是我的限制器:
import rateLimit from 'express-rate-limit'
// B1 15req/hr
export const B1Limiter = rateLimit({
windowMs: 60 * 60 * 1000,
max: 15,
message: 'Too many requests from this IP. Please try again after an hour',
})
// B10-50 300req/day
export const B10To50Limiter = rateLimit({
windowMs: 24 * 60 * 60 * 1000,
max: 300,
message: 'Too many requests from this IP. Please try again tomorrow',
})
// B50-250 750req/3 days
export const B50To250Limiter = rateLimit({
windowMs: 3 * 24 * 60 * 60 * 1000,
max: 750,
message: 'Too many requests from this IP. Please try again after three days',
})
// B250-1000 3kreq/week
export const B250To1kLimiter = rateLimit({
windowMs: 7 * 24 * 60 * 60 * 1000,
max: 3000,
message: 'Too many requests from this IP. Please try again after week',
})
此代码的速率限制器未执行。不知道为什么。
我不能使用单个限制器,因为 windowMs 和 message 不是函数。 https://github.com/nfriedly/express-rate-limit/issues/122
如果我移除开关盒并仅使用一个限制器,限制器就会工作
router.route('/sign-upload').post(B1Limiter,signUpload)
这是否意味着我必须为每个速率限制器创建单独的路由?
您可以有条件地 select 并像这样执行您想要的中间件:
router.route('/sign-upload').post(function (req, res, next) {
let limiter = B1Limiter;
switch (req.body.qty) {
case 'one':
console.log('case one')
limiter = B1Limiter
break
case '10-50':
console.log('case 10-50')
limiter = B10To50Limiter
break
case '50-250':
console.log('case 50-250')
limiter = B50To250Limiter
break
case '250-1000':
console.log('case 250-1000')
limiter = B250To1kLimiter
break
default:
console.log('case default')
limiter = B1Limiter
break
}
// now call the selected middleware and
// let it handle calling next()
limiter(req, res, next);
}, signUpload);