A store must have the increment, decrement, and resetKey public
methods. It may optionally have the init, get and resetAll public methods
and a prefix (string) or localKeys (boolean) field. For backwards
compatibility with versions prior to 6.0.0, it may also have the incr and
decr public methods. Finally, it may have a constructor and any number of
private methods.
The increment method is the primary interface between the middleware and the
store. It adds 1 to the internal count for a key and returns an object
consisting of the new internal count (totalHits) and the time that the count
will reach 0 (resetTime).
The decrement method is used only to ‘uncount’ requests when one or both of
the skipSuccessfulRequests or skipFailedRequests options are enabled.
The init method allows the store to set itself up using the options passed to
the middleware. The store can get the windowMs option from this method.
The get method takes a string argument (the key that identifies a client)
and returns an object consisting of the internal hit count (totalHits) and the
time that the count will reach 0 (resetTime) for the given client. It may
return undefined if it cannot find the key.
The resetKey method takes a string argument (the key that identifies a
client) and sets the internal count for that key to zero.
The resetAll method takes no arguments and sets the internal count for all
keys to zero.
The prefix field is used to avoid conflicts when the user creates multiple
instances of the store for multiple rate limits (e.g. 10 hits per minute and 60
hits per hour). Keys in the database should be prefixed with this value.
prefix is generally passed as an option to the constructor. (The singleCount
validation check also takes the prefix field into account and does not report
that a user is being double-counted if the stores have different prefixes.)
The localKeys field is an alternative to prefix for stores such as the
MemoryStore where two instances will automatically keep separate counts. Setting
it to true will prevent false positives from the singleCount validation
check.
The get and resetKey methods can be called from the middleware, like so:
// Create a rate limiter.const limiter =rateLimit({/* ... */})// Fetch or reset the hit count for a key.limiter.get('1.2.3.4')limiter.resetKey('1.2.3.4')
importtype{ Store, Options, IncrementResponse, ClientRateLimitInfo,}from'express-rate-limit'typeSomeStoreOptions={/*** Optional field to differentiate hit countswhen multiple rate-limits are in use*/ prefix?:string/*** Some store-specific parameter*/ customParam:string}/***A`Store` that stores the hit count for each client.*/@publicclassSomeStoreimplementsStore{/*** Some store-specific parameter.*/ customParam!:string/*** The duration of time before which all hit counts are reset(in milliseconds).*/ windowMs!:number prefix!:string/***@constructorfor`SomeStore`. Only required if the user needs to pass* some store specific parameters. For example,in a Mongo Store, the user will* need to pass the URI, username and password for the Mongo database.** Accepting a custom `prefix` here is also recommended.**@param options {SomeStoreOptions}- Prefix and any store-specific parameters.*/constructor(options: SomeStoreOptions){this.customParam = options.customParamthis.prefix = options.prefix ??'rl_'}/*** Method that actually initializes the store. Must be synchronous.** This method is optional, it will be called only if it exists.**@param options {Options}- The options used to setup express-rate-limit.** @public*/init(options: Options):void{this.windowMs = options.windowMs// ...}/*** Method to prefix the keys with the given text.** Call this from get, increment, decrement, resetKey, etc.**@param key {string}- The key.**@returns{string}- The text + the key.*/prefixKey(key:string):string{return`${this.prefix}${key}`}/*** Method to fetch a client's hit count and reset time.**@param key {string}- The identifier for a client.**@returns{ClientRateLimitInfo}- The numberof hits and reset time for that client.** @public*/asyncget(key:string):Promise<ClientRateLimitInfo |undefined>{// ...return{ totalHits, resetTime,}}/*** Method to increment a client's hit counter.**@param key {string}- The identifier for a client.**@returns{IncrementResponse}- The numberof hits and reset time for that client.** @public*/asyncincrement(key:string):Promise<IncrementResponse>{// ...return{ totalHits, resetTime,}}/*** Method to decrement a client's hit counter.**@param key {string}- The identifier for a client.** @public*/asyncdecrement(key:string):Promise<void>{// ...}/*** Method to reset a client's hit counter.**@param key {string}- The identifier for a client.** @public*/asyncresetKey(key:string):Promise<void>{// ...}/*** Method to reset everyone's hit counter.** This method is optional, it isnever called by express-rate-limit.** @public*/asyncresetAll():Promise<void>{// ...}}// Export the store so others can use itexportdefault SomeStore
// Use `const ... = require('...')` instead if you are using CommonJSimport rateLimit from'express-rate-limit'import SomeStore from'./some-store.js'const limiter =rateLimit({ store:newSomeStore({ customParam:'🎉'}),})