{"id":17132,"library":"hono-rate-limiter","title":"Hono Rate Limiter Middleware","description":"hono-rate-limiter is a middleware library designed for the Hono web framework, providing robust rate-limiting capabilities for both HTTP API endpoints and WebSocket connections. Its current stable version is 0.5.3, with minor releases occurring relatively frequently, indicating active development. The library is inspired by the widely-used `express-rate-limit` and aims to bring similar comprehensive functionality to Hono applications, focusing on developer experience and flexibility. A key differentiator is its flexible storage mechanism, now supporting Unstorage, which allows developers to integrate various backends like Redis, Cloudflare KV, or file systems for persistent rate limit tracking. It simplifies the process of protecting Hono routes from abuse and ensures API stability under high traffic, offering fine-grained control over rate limits and responses.","status":"active","version":"0.5.3","language":"javascript","source_language":"en","source_url":"https://github.com/rhinobase/hono-rate-limiter","tags":["javascript","hono","api","middleware","rest-api","rate-limiting","rate-limiter","honojs","typescript"],"install":[{"cmd":"npm install hono-rate-limiter","lang":"bash","label":"npm"},{"cmd":"yarn add hono-rate-limiter","lang":"bash","label":"yarn"},{"cmd":"pnpm add hono-rate-limiter","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Core web framework peer dependency, as this is a Hono middleware.","package":"hono","optional":false},{"reason":"Peer dependency for storage abstraction, used for types and recommended for persistent stores.","package":"unstorage","optional":false}],"imports":[{"note":"The primary named export for creating the HTTP rate limit middleware. Hono is primarily ESM-focused, so CJS `require` is generally incorrect.","wrong":"const rateLimiter = require('hono-rate-limiter');","symbol":"rateLimiter","correct":"import { rateLimiter } from 'hono-rate-limiter';"},{"note":"Named export for WebSocket-specific rate limiting, introduced in v0.4.0.","wrong":"import WebSocketLimiter from 'hono-rate-limiter';","symbol":"WebSocketLimiter","correct":"import { WebSocketLimiter } from 'hono-rate-limiter';"},{"note":"Basic in-memory store; concrete store implementations are typically imported from the `/stores` subpath or a dedicated storage package.","wrong":"import { MemoryStore } from 'hono-rate-limiter';","symbol":"MemoryStore","correct":"import { MemoryStore } from 'hono-rate-limiter/stores';"},{"note":"Type-only import for implementing custom storage solutions, ensuring type compatibility.","wrong":"import { Store } from 'hono-rate-limiter';","symbol":"Store","correct":"import type { Store } from 'hono-rate-limiter';"}],"quickstart":{"code":"import { Hono } from 'hono';\nimport { rateLimiter } from 'hono-rate-limiter';\nimport { MemoryStore } from 'hono-rate-limiter/stores';\n\nconst app = new Hono();\n\n// Configure the rate limiter middleware\nconst limiter = rateLimiter({\n  windowMs: 60 * 1000, // 1 minute\n  limit: 5, // Limit each IP to 5 requests per minute\n  standardHeaders: 'draft-7', // Set standard rate limit headers\n  legacyHeaders: false, // Disable X-RateLimit-* headers\n  // keyGenerator: (c) => c.req.ip, // Uses client IP by default if not provided\n  store: new MemoryStore(), // In-memory store (not recommended for production)\n  message: 'You are making too many requests. Please try again soon.',\n  handler: (c) => {\n    return c.json({\n      status: 429,\n      message: 'Too many requests, please try again after some time.'\n    }, 429)\n  }\n});\n\n// Apply the rate limiter globally or to specific routes\napp.use(limiter);\n\napp.get('/', (c) => {\n  return c.text('Welcome to the Hono Rate Limited API!');\n});\n\napp.get('/protected', (c) => {\n  return c.json({ data: 'This is protected data.' });\n});\n\nexport default app;\n","lang":"typescript","description":"Demonstrates how to import and apply the `rateLimiter` middleware to a Hono application, configure basic limits, and use an in-memory store."},"warnings":[{"fix":"Migrate to using `@hono-rate-limiter/cloudflare` for Cloudflare-specific stores. Review documentation for updated configuration.","message":"As of `v0.5.0`, specialized Cloudflare KV and Durable Object stores were removed from the main `hono-rate-limiter` package. If you were using these, you now need to explicitly use the `@hono-rate-limiter/cloudflare` package.","severity":"breaking","affected_versions":">=0.5.0"},{"fix":"Ensure `keyGenerator` is explicitly provided in your `rateLimiter` configuration, e.g., `keyGenerator: (c) => c.req.ip`.","message":"In `core-0.3.0`, the `keyGenerator` option became a required parameter for the `rateLimiter` configuration. Omitting it will lead to runtime errors.","severity":"breaking","affected_versions":">=0.3.0"},{"fix":"Install and configure a dedicated Redis store package (e.g., `@hono-rate-limiter/redis`) or an `unstorage` Redis driver, and pass an instance to the `store` option.","message":"Support for built-in Redis stores was dropped in `core-0.2.0`. Users who relied on this feature must now use a separate data store package, such as `@hono-rate-limiter/redis` or an `unstorage` compatible store.","severity":"breaking","affected_versions":">=0.2.0"},{"fix":"Keep an eye on the changelog for new releases, report issues, and be prepared for potential minor breaking changes. Pinning to specific minor versions might be advisable in production.","message":"The package is still actively in development. While functional, it might undergo further API changes or feature adjustments in future minor versions. Feedback is highly appreciated by the maintainers.","severity":"gotcha","affected_versions":">=0.1.0"}],"env_vars":null,"last_verified":"2026-04-22T00:00:00.000Z","next_check":"2026-07-21T00:00:00.000Z","problems":[{"fix":"Add `keyGenerator: (c) => c.req.ip` or a custom function to your `rateLimiter` options.","cause":"The `keyGenerator` option was omitted from the `rateLimiter` configuration after it became a required parameter in `v0.3.0`.","error":"TypeError: keyGenerator is not a function or is missing"},{"fix":"Ensure you are passing a valid store instance, e.g., `store: new MemoryStore()` or `store: new RedisStore(...)` after installing the appropriate package.","cause":"The `store` option for `rateLimiter` was either not provided or an invalid object was passed, preventing the middleware from initializing properly.","error":"Error: Invalid store. Please provide a valid store implementation."},{"fix":"Use ESM named imports: `import { rateLimiter } from 'hono-rate-limiter';`.","cause":"Attempting to use `require()` for importing `hono-rate-limiter` in an ESM context, or incorrectly trying to import it as a default export.","error":"TypeError: rateLimiter is not a function"}],"ecosystem":"npm","meta_description":null}