diff --git a/index.js b/index.js index 74ed572..910ca1b 100644 --- a/index.js +++ b/index.js @@ -19,6 +19,14 @@ const pgp = require('pg-promise')(); const DATABASE_URL= process.env.DATABASE_URL || "postgresql://localhost:5432/my_products_list"; + +const ratelimiter= require('express-rate-limit'); + +const limiter = ratelimiter({ + windowMs: 15 * 60 * 1000, // 15 minutes + max: 100 // limit each IP to 100 requests per windowMs +}); + const config = { connectionString : DATABASE_URL } diff --git a/package-lock.json b/package-lock.json index 764e809..c3de4e2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,6 +16,7 @@ "express-flash": "0.0.2", "express-handlebars": "^3.0.0", "express-myconnection": "^1.0.4", + "express-rate-limit": "^8.0.1", "express-session": "^1.15.6", "lodash": "^4.17.21", "mysql": "^2.5.3", @@ -1810,6 +1811,24 @@ "resolved": "https://registry.npmjs.org/express-myconnection/-/express-myconnection-1.0.4.tgz", "integrity": "sha1-h3YEn7+fJiIJz/21NbfHUJcz/1U=" }, + "node_modules/express-rate-limit": { + "version": "8.0.1", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.0.1.tgz", + "integrity": "sha512-aZVCnybn7TVmxO4BtlmnvX+nuz8qHW124KKJ8dumsBsmv5ZLxE0pYu7S2nwyRBGHHCAzdmnGyrc5U/rksSPO7Q==", + "license": "MIT", + "dependencies": { + "ip-address": "10.0.1" + }, + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://github.com/sponsors/express-rate-limit" + }, + "peerDependencies": { + "express": ">= 4.11" + } + }, "node_modules/express-session": { "version": "1.15.6", "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.15.6.tgz", 
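Review bot: The `limiter` created in this hunk is never mounted: this is the only index.js hunk in the commit and it contains no `app.use(limiter)`, so as shown no route is actually rate limited. Add `app.use(limiter);` after the Express app is created and before the routes are registered; that setup lies outside the hunk, so the variable name `app` is assumed. If the service runs behind a reverse proxy or a platform router, which the `process.env.DATABASE_URL` fallback hints at, also set `app.set('trust proxy', 1)` with the hop count matching the deployment, otherwise `req.ip` is the proxy's address and all clients share one 100-request bucket. In express-rate-limit 8.x `max` is the legacy name of `limit`, so `limit: 100` is the current spelling.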
@@ -2521,6 +2540,15 @@ "loose-envify": "^1.0.0" } }, + "node_modules/ip-address": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz", + "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==", + "license": "MIT", + "engines": { + "node": ">= 12" + } + }, "node_modules/ipaddr.js": { "version": "1.6.0", "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.6.0.tgz", @@ -8895,6 +8923,14 @@ "resolved": "https://registry.npmjs.org/express-myconnection/-/express-myconnection-1.0.4.tgz", "integrity": "sha1-h3YEn7+fJiIJz/21NbfHUJcz/1U=" }, + "express-rate-limit": { + "version": "8.0.1", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.0.1.tgz", + "integrity": "sha512-aZVCnybn7TVmxO4BtlmnvX+nuz8qHW124KKJ8dumsBsmv5ZLxE0pYu7S2nwyRBGHHCAzdmnGyrc5U/rksSPO7Q==", + "requires": { + "ip-address": "10.0.1" + } + }, "express-session": { "version": "1.15.6", "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.15.6.tgz", @@ -9366,6 +9402,11 @@ "loose-envify": "^1.0.0" } }, + "ip-address": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz", + "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==" + }, "ipaddr.js": { "version": "1.6.0", "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.6.0.tgz", diff --git a/package.json b/package.json index 456930a..0e848b3 100644 --- a/package.json +++ b/package.json @@ -17,6 +17,7 @@ "express-flash": "0.0.2", "express-handlebars": "^3.0.0", "express-myconnection": "^1.0.4", + "express-rate-limit": "^8.0.1", "express-session": "^1.15.6", "lodash": "^4.17.21", "mysql": "^2.5.3",