add: added rate limit to the api

2025-04-21 20:43:14 +02:00 · 2025-04-21 20:43:14 +02:00 · 46aea20bf5
commit 46aea20bf5
parent f4cfd8a9fe
2 changed files with 17 additions and 0 deletions
--- a/back/index.js
+++ b/back/index.js
@ -4,12 +4,27 @@ const path = require("path");
 const config = require("./config");
 const cookieParser = require("cookie-parser");
 const cors = require("cors");
+const rateLimit = require("express-rate-limit");
+const slowDown = require("express-slow-down");
 require("dotenv").config();

 const app = express();
 var expressWs = require('express-ws')(app);
 const port = config.port || 3000;

+const limiter = rateLimit({
+  windowMs: 3 * 1000,
+  max: 20,
+});
+
+const speedLimiter = slowDown({
+  windowMs: 3 * 1000,
+  delayAfter: 20,
+  delayMs: () => 5000,
+});
+
+app.use(speedLimiter);
+app.use(limiter);
 app.use(express.json());
 app.use(cookieParser());
 app.use(cors());
--- a/back/package.json
+++ b/back/package.json
@ -16,6 +16,8 @@
    "cors": "^2.8.5",
    "dotenv": "^16.3.1",
    "express": "^4.18.2",
+    "express-rate-limit": "^7.5.0",
+    "express-slow-down": "^2.0.3",
    "express-ws": "^5.0.2",
    "fs": "^0.0.1-security",
    "https": "^1.0.0",