[feat]: Generalized ratelimit default limits passed as args

index.js

@@ -2,6 +2,19 @@ var logger = require('./logger');
 var _ = require('lodash');
 var moment = require('moment');
 
+// default limits on the ratelimiter
+// key should be a valid http verb in capitals
+var defaultLimits = {
+	'GET': {
+		max: 15,
+		duration: 120000
+	},
+	'*': {
+		max: 15,
+		duration: 120000
+	}
+}
+
 module.exports = {
 
 	requestLogger: function (req, res, next) {
@@ -121,21 +134,34 @@ module.exports = {
 
 	getLogger: logger.getLogger,
 
-	rateLimit: function (redis_host) {
+	rateLimit: function (redis_host, passedLimits = {}) {
 		const ratelimiter = require('ratelimiter');
 		var redis_db = require('redis').createClient({ host: redis_host });
-		return function (req, res, next) { 	// for the time being removing GET requests form rate limiting. TODO: for GET request limiting parameter would be more linient
-			if (req.method == 'GET')
-				return next();
+		return function (req, res, next) {
+			// if (req.method == 'GET')
+			// 	return next();
 
 			// don't rate limit on machine to machine communication
 			if (req.user && req.user.is_machine === true)
 				return next();
+
+			// Map request method to the default limits already defined
+			// if defined already, well and good; if not then use the default '*' limits
+			var method = ( _.get(defaultLimits, req.method, false) ) ? req.method : '*';
+
+			// Default Rate limit is set here
+			var definedLimits = _.get(defaultLimits, method, false);
+
+			// Default limit is overwritten by Limit argument in the function itself
+			//passedLimits.map( (passedLimit, key) => definedLimits[key] = passedLimit);
+			Object.keys(passedLimits).forEach(function(key, index) {
+				definedLimits[key] = _.get(passedLimits, key, definedLimits[key]);
+			});
 
 			// req.ip gives you the true proxied ip. id is combination of ip and req path
 			var id = req.ip + '_' + req.path;
 			// 15 requests are allowed in 2 minute.
-			var limit = new ratelimiter({ id: id, db: redis_db, max: 15, duration: 120000 });
+			var limit = new ratelimiter({ id: id, db: redis_db, max: definedLimits.max, duration: definedLimits.duration });
 			limit.get(function (err, limit) {
 				if (err) return next(err);
 
@@ -150,7 +176,7 @@ module.exports = {
 				// not good
 				var after = limit.reset - (Date.now() / 1000) | 0;
 				res.set('Retry-After', after);
-				res.status(429).json({ satus: 'error', message: 'Rate limit exceeded, retry ' + moment(new Date(limit.reset * 1000)).fromNow() });
+				res.status(429).json({ status: 'error', message: 'Rate limit exceeded, retry ' + moment(new Date(limit.reset * 1000)).fromNow() });
 			});
 		}
 	},