In Node.js, how to restrict users to a defined number of login attempts per unit of time


Users should be restricted to a defined number of login attempts per unit of time. After n unsuccessful login attempts, the user can be locked. This is to avoid brute-force attacks.

Ismail Hosen On

You can use the express-rate-limit npm package.

import rateLimit from 'express-rate-limit';
import express from 'express';

const app = express();
const limiter = rateLimit({
    windowMs: 15 * 60 * 1000, // 15 minutes
    max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
    standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
    legacyHeaders: false, // Disable the `X-RateLimit-*` headers
    message: "You exceeded 100 requests in 15 minutes limit!",
});

// Apply the rate limiting middleware to all requests
app.use(limiter);

You can also use the rate-limiter-flexible package with Redis.
You can also find it here.
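
The question asks for a limit on failed logins per user with a lock after n failures, which a per-IP request limit alone does not give. The following is an added example, not part of the answer above and not code from either package: a minimal per-account throttle in which the class name `LoginThrottle`, its options and the in-memory `Map` store are all hypothetical choices for illustration (a multi-process deployment would keep this state in a shared store such as Redis).

```javascript
// Added example: per-account failed-login counter with temporary lockout.
// State lives in a Map for illustration only; it is lost on restart and not shared across processes.
class LoginThrottle {
  constructor({ maxFailures = 5, windowMs = 15 * 60 * 1000, lockMs = 15 * 60 * 1000 } = {}) {
    this.maxFailures = maxFailures; // failures tolerated inside one window
    this.windowMs = windowMs;       // sliding window for counting failures
    this.lockMs = lockMs;           // lock duration once the limit is hit
    this.state = new Map();         // key -> { failures: number[], lockedUntil: number }
  }

  // Normalise so "Alice " and "alice" share one counter.
  static key(username) {
    return String(username).trim().toLowerCase();
  }

  // Call before verifying the password; refuse the attempt when allowed is false.
  check(username, now = Date.now()) {
    const entry = this.state.get(LoginThrottle.key(username));
    if (entry && entry.lockedUntil > now) {
      return { allowed: false, retryAfterMs: entry.lockedUntil - now };
    }
    return { allowed: true, retryAfterMs: 0 };
  }

  // Call after a wrong password; locks once maxFailures fall inside windowMs.
  recordFailure(username, now = Date.now()) {
    const k = LoginThrottle.key(username);
    const entry = this.state.get(k) || { failures: [], lockedUntil: 0 };
    entry.failures = entry.failures.filter((t) => now - t < this.windowMs);
    entry.failures.push(now);
    if (entry.failures.length >= this.maxFailures) {
      entry.lockedUntil = now + this.lockMs;
      entry.failures = [];
    }
    this.state.set(k, entry);
    return this.check(username, now);
  }

  // Call after a successful login to clear the counter.
  recordSuccess(username) {
    this.state.delete(LoginThrottle.key(username));
  }
}

// Constructed scenario: 3 failures within 1 minute lock the account for 5 minutes.
function demo() {
  const t = new LoginThrottle({ maxFailures: 3, windowMs: 60000, lockMs: 300000 });
  const out = [1000, 2000, 3000].map((ts) => t.recordFailure('alice', ts).allowed);
  out.push(t.check('Alice ', 5000).allowed);   // same account after normalisation, still locked
  out.push(t.check('alice', 303000).allowed);  // lock has expired
  return out;
}
```

In a login route, call `check` first and answer with HTTP 429 while the account is locked, giving the same generic error for unknown and known usernames so the lock state does not reveal which accounts exist.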