GlobeHoppin · Tiwariji-07 · Oct 12, 2024 · Mustafiz04 · Oct 22, 2024 · Tiwariji-07
diff --git a/api/middleware/rateLimiter.js b/api/middleware/rateLimiter.js
@@ -0,0 +1,35 @@
+// Rate Limiting using Token bucket algorithm
+
+// Maximum number of requests allowed in a given time frame
+const REQUEST_LIMIT = 5;
+
+// Time frame in milliseconds
+const WINDOW_SIZE = 10000;
+
+// Initialize with REQUEST_LIMIT number of tokens
+const tokens = Array(REQUEST_LIMIT).fill(1);
+
+var time = new Date().getTime();
+
+export const rateLimiter = (req, res, next) => {
+  if (tokens.length && new Date().getTime() - time < WINDOW_SIZE) {
+    tokens.pop();
+    next();
+  } else {
+    if (new Date().getTime() - time >= WINDOW_SIZE) {
+      const len = tokens.length;
+      for (let i = 0; i < 5 - len; i++) {
+        tokens.push(1);
+      }
+      time = new Date().getTime();
+      rateLimiter(req, res, next);
+    } else {
+      res.status(429).json({
+        message: `You have exceeded the ${REQUEST_LIMIT} requests in ${WINDOW_SIZE} ms limit !! , ${
+          new Date().getTime() - time
+        }`,
+        status: 429,
+      });
+    }
+  }
+};
diff --git a/app.js b/app.js
@@ -7,6 +7,8 @@ import cors from "cors"; // Import cors package
 import Routes from "./api/routes";
 import startServer from "./startServer";
 
+import { rateLimiter } from "./api/middleware/rateLimiter"; // Import rate limiter middleware
+
 const app = new Express();
 
 //added cors to avoid cors error
@@ -18,6 +20,9 @@ app.use(bodyParser.json());
 // Support parsing of application/x-www-form-urlencoded post data
 app.use(bodyParser.urlencoded({ extended: true }));
 
+// Added Rate Limiter
+app.use(rateLimiter);
+
 // Initialize Routes
 Routes.init(app);