Reputation: 1
Does express-rate-limit work on server requests from client side?
So I have a web app I've built with react and javascript that consists of a server side and a client side. This is what I set up on the server app.js:
require("./DB/connectToDb");
// require("./primeryData/primeryCards")();
const express = require("express");
const app = express();
const rateLimit = require("express-rate-limit");
const usersRouter = require("./Routes/Users/userRouter");
const cardsRouter = require("./Routes/Cards/cardsRouter");
const ordersRouter = require("./Routes/Orders/OrderRouter");
const chalk = require("chalk");
const morgan = require("morgan");
const cors = require("cors");
app.use(morgan(chalk.cyan(":method :url :status :response-time ms")));
app.use(cors());
app.use(express.json());
app.use("/api/users", usersRouter);
app.use("/api/cards", cardsRouter);
app.use("/api/orders", ordersRouter);
const PORT = 8181;
app.listen(PORT, () =>
console.log(chalk.blueBright.bold(`server run on: http://:localhost:${PORT}`))
);
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 10, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
message: "Limited I Guess..."
})
app.get("/",limiter,(req,res)=>res.send(req.ip));
app.use('/api', limiter);When I go to the Browser with http://localhost:8181/ I get my IP which is ::1 After refreshing >10 times I get "Limited I Guess..." as it should. However when I try and use my client side to make requests nothing happens, I can make a million server calls!!! Am I missing something? Does express-rate-limit not work when client side is making the server calls? An example of my server api:
/********** Like/Dislike Card **********/
router.patch("/card-like/:id", auth, async (req, res) => {
try {
// console.log(req.params.id);
const user = req.user;
let card = await Card.findOne({ _id: req.params.id });
const cardLikes = card.likes.find((id) => id === user._id);
if (!cardLikes) {
card.likes.push(user._id);
card = await card.save();
return res.send(card);
}
const cardFiltered = card.likes.filter((id) => id !== user._id);
card.likes = cardFiltered;
card = await card.save();
return res.send(card);
} catch (error) {
console.log(chalk.redBright("Could not edit like:", error.message));
return res.status(500).send(error.message);
}
});Upvotes: 0
Views: 352
Answers (1)
Reputation: 1
I was using the library in app.js, tried using it in api.js and worked I guess, app.js was unaware of what was going on in api.js even though it was required.
Upvotes: 0
Related Questions
- Can I use api rate limiter by passing it in router.use() in express?
- Rate limit the number of request made from react client to API
- Can I set multiple rate limits for the same routes with express-rate-limit?
- express-rate-limit with static
- How to set X-RateLimit-Reset with express-rate-limit?
- Express-rate-limit vs NGINX in a node server
- Node js Rate Limit
- express - Limit a request to one at a time
- Rate limit API queries in node.js
- Throttling express server