Nothing is more important in managing the frequency of incoming requests to an API than rate limiting. Bounding the number of calls per user confines brute-force attempts to fixed time windows, keeps the server from being overloaded (whether by ordinary traffic or by a malicious user), and ensures that all users get equal and fair use of the service.
Rate limiting in NestJS lacked flexibility and efficiency until the @nestjs/throttler package became available. Here's a basic example:
In the above example, we configure the ThrottlerModule with an API limit of 10 requests per sixty-second period. The ThrottlerGuard is applied to the ProtectedController so that all of its method calls are rate limited. This reduces the risk of heavy traffic building up on the server and leaving it vulnerable to malicious attacks.
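To make the per-client effect of that limit concrete, the following is an added sketch (not code from the original post and not the @nestjs/throttler implementation) of a fixed-window counter, one common way to enforce such a limit. The class name FixedWindowLimiter, the injected clock and the client keys are assumptions made for illustration.

```typescript
// Added illustration; hypothetical names, constructed client addresses.
interface Decision {
  allowed: boolean;
  statusCode: number;    // 200 when allowed, 429 when throttled
  remaining: number;     // requests left in the current window
  retryAfterSec: number; // seconds until the window resets (0 when allowed)
}

class FixedWindowLimiter {
  private windows = new Map<string, { start: number; hits: number }>();
  private limit: number;
  private ttlMs: number;
  private now: () => number;

  // `now` is injectable so window expiry can be tested without waiting.
  constructor(limit: number, ttlMs: number, now: () => number = () => Date.now()) {
    this.limit = limit;
    this.ttlMs = ttlMs;
    this.now = now;
  }

  // `key` identifies the caller, e.g. client IP or authenticated user id.
  check(key: string): Decision {
    const t = this.now();
    let w = this.windows.get(key);
    if (w === undefined || t - w.start >= this.ttlMs) {
      w = { start: t, hits: 0 }; // first hit or expired window: start over
      this.windows.set(key, w);
    }
    if (w.hits >= this.limit) {
      const retryAfterSec = Math.ceil((w.start + this.ttlMs - t) / 1000);
      return { allowed: false, statusCode: 429, remaining: 0, retryAfterSec };
    }
    w.hits += 1;
    return { allowed: true, statusCode: 200, remaining: this.limit - w.hits, retryAfterSec: 0 };
  }
}

// Constructed scenario using the limit from the text: 10 requests per 60 s.
function simulate(): number[] {
  let clock = 0;
  const limiter = new FixedWindowLimiter(10, 60_000, () => clock);
  const codes: number[] = [];
  for (let i = 0; i < 11; i++) codes.push(limiter.check("203.0.113.7").statusCode);
  codes.push(limiter.check("198.51.100.9").statusCode); // a second client is unaffected
  clock = 60_000;                                        // first client's window expired
  codes.push(limiter.check("203.0.113.7").statusCode);
  return codes;
}
```

The counter is keyed per caller, so one noisy client reaching the limit does not consume another client's budget; a limiter keyed only on IP address treats all users behind a shared proxy or NAT as one caller.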
Steps to run the demo:
1) Click here to open the demo code.
2) Click on the preview button to run the application.
3) Hit the URL twice; both requests will be allowed.
4) When you hit it a third time, the API call will be blocked, and you will receive the following error: {"statusCode":429,"message":"ThrottlerException: Too Many Requests"}