reqlim: Request Limiting Middleware

0.0.0 verified Thu Apr 23 auth: no javascript abandoned

reqlim is a Connect/Express middleware designed to limit incoming requests, acting as a direct adaptation of the popular `express-rate-limit` package. Its primary function is to prevent abuse by restricting the number of requests a user can make within a specified timeframe, returning a 429 'Too Many Requests' status when limits are exceeded. Despite its utility, the package remains at an early development stage with version 0.0.0 and has not seen active development since its initial publication over four years ago. This makes it an effectively abandoned project. Developers seeking a stable, actively maintained, and feature-rich rate-limiting solution for Express applications should opt for `express-rate-limit` directly, which served as the inspiration for `reqlim` and offers continuous updates, bug fixes, and better community support, including TypeScript definitions.

Common errors

error ReferenceError: require is not defined in ES module scope ↓

cause Attempting to use `require()` in a Node.js ES Module (`.mjs` file or `type: 'module'` in `package.json`) without proper transpilation.

fix

Ensure your project is configured for CommonJS, or use import syntax with a CJS interop (e.g., import rateLimit from 'reqlim';). The simplest solution is to use a modern, ESM-compatible rate limiter like express-rate-limit.

error TypeError: app.use() requires a middleware function but got a undefined ↓

cause Calling `app.use(rateLimit)` instead of `app.use(rateLimit())`. The `rateLimit` export is a factory function that *returns* the middleware.

fix

Always invoke the rateLimit function to get the actual middleware: app.use(rateLimit({ ...options })).

Warnings

breaking The package version is 0.0.0, indicating it is an unstable, pre-release version. It has not been updated in over four years, meaning it is effectively abandoned and should not be used in production environments. ↓

fix Migrate to `express-rate-limit` which is actively maintained, feature-rich, and the upstream project `reqlim` was based on.

gotcha reqlim is a CommonJS-only package. Attempting to use `import` syntax in an ESM project will result in runtime errors unless a build step or Node.js's CJS interop is properly configured. ↓

fix Use `const rateLimit = require('reqlim')` for Node.js CommonJS projects, or consider using `express-rate-limit` which often provides better ESM support or type definitions.

gotcha The package does not ship with TypeScript type definitions. Using it in a TypeScript project will require manually declaring types or suppressing type errors, which can lead to runtime issues. ↓

fix Install `@types/reqlim` if available (unlikely for an abandoned package) or create a custom `d.ts` declaration file. The recommended fix is to use `express-rate-limit` which has official TypeScript support.

breaking Due to its abandoned status, `reqlim` will not receive security updates, bug fixes, or performance improvements. Using it could expose applications to known vulnerabilities or introduce unexpected behavior. ↓

fix Replace `reqlim` with a well-maintained and secure alternative like `express-rate-limit` to ensure ongoing security and stability.

Install

npm install reqlim

yarn add reqlim

pnpm add reqlim

Imports

rateLimit
wrong
```
import rateLimit from 'reqlim'
```
correct
```
const rateLimit = require('reqlim')
```
reqlim is a CommonJS-only package. Direct ESM `import` statements will fail without a CJS interop layer or transpilation.
middleware factory
wrong
```
app.use(rateLimit)
```
correct
```
app.use(rateLimit({ windowMs: 60 * 1000, max: 5 }))
```
The `rateLimit` function must be called to create and return the actual middleware instance, even if no options are passed. Passing options configures its behavior.
options configuration
wrong
```
rateLimit(60000, 100)
```
correct
```
rateLimit({ windowMs: 60000, max: 100, statusCode: 429 })
```
Configuration for the rate limiter is done exclusively through a single options object, not via positional arguments.

Quickstart

This quickstart demonstrates how to set up `reqlim` as a global middleware for an Express application, limiting requests to 5 per minute per IP address. It includes basic configuration, a custom message, and an `onLimitReached` callback for logging.

const express = require('express');
const rateLimit = require('reqlim');

const app = express();
const port = 3000;

// Basic rate limiting middleware: 5 requests per minute per IP
const limiter = rateLimit({
  windowMs: 60 * 1000, // 1 minute
  max: 5, // Limit each IP to 5 requests per `window`
  message: 'Too many requests from this IP, please try again after a minute',
  headers: true, // Send rate limit info in headers
  onLimitReached: (req, res, options) => {
    console.log(`IP ${req.ip} has reached the limit on ${req.url}`);
  }
});

// Apply the rate limiting middleware to all requests
app.use(limiter);

// Define a simple route
app.get('/', (req, res) => {
  res.send('Hello World! You are being rate limited.');
});

// Start the server
app.listen(port, () => {
  console.log(`Server listening at http://localhost:${port}`);
  console.log('Try to make more than 5 requests in a minute to see the rate limit in action.');
});