rateLimit
function accepts an options object and returns the rate limiting
middleware.
An example with the recommended configuration is as follows:
/auth/*
endpoints), specify the url as the first parameter in app.use
:
POST /reset_password
), add the limiter as a middle argument to
app.get
/app.post
/etc.:
undefined
, or the IP of the load balancer/reverse proxy (leading to
the rate limiter blocking all requests once the limit is reached).To fix this, take a look at the guide to
troubleshooting proxy issues.keyGenerator
to
return the user’s IP (or some other identifier). However, additional changes
changes are sometimes needed, such as
handling schema migrations with rate-limit-postgresql.
rateLimit
function, like so: