-
-
Notifications
You must be signed in to change notification settings - Fork 178
IoValkey
Avi Fenesh edited this page Apr 9, 2025
·
2 revisions
Rate limiting with iovalkey
const { RateLimiterValkey } = require('rate-limiter-flexible')
const Valkey = require('iovalkey')
const valkeyClient = new Valkey({
port: 8080,
host: '127.0.0.1',
})
const opts = {
storeClient: redisClient,
points: 5, // Number of points
duration: 1, // Per second
}
const rateLimiterValkey = new RateLimiterValkey(opts)
rateLimiterValkey.consume(userEmail)
.then((rateLimiterRes) => {
// ... Some app logic here ...
})
.catch((rejRes) => {
if (rejRes instanceof Error) {
// Some error happened.
// Never happen if `insuranceLimiter` is set up.
// Decide what to do with it in another case.
} else {
// Not enough points to consume.
// The promise is rejected with number of ms before current duration ends and points are reset.
const secs = Math.round(rejRes.msBeforeNext / 1000) || 1
res.set('Retry-After', String(secs))
res.status(429).send('Too Many Requests')
}
});Get started
Middlewares and plugins
Migration from other packages
Limiters:
- Cluster
- Drizzle
- DynamoDB
- Etcd
- Memcached
- Memory
- MongoDB (with sharding support)
- MySQL
- PM2 Cluster
- PostgreSQL
- Prisma
- Redis
- SQLite
- Valkey: iovalkey and Valkey Glide
- BurstyRateLimiter
- RateLimiterUnion
- RateLimiterQueue
Wrappers:
- AWS SDK v3 Client Rate Limiter
- RLWrapperBlackAndWhite Black and White lists
Knowledge base:
- Block Strategy in memory
- Insurance Strategy
- Periodic sync to reduce number of requests
- Comparative benchmarks
- Smooth out traffic peaks
-
Usage example
- Minimal protection against password brute-force
- Login endpoint protection
- Websocket connection prevent flooding
- Dynamic block duration
- Different limits for authorized users
- Different limits for different parts of application
- Block Strategy in memory
- Insurance Strategy
- Third-party API, crawler, bot rate limiting