FAQ

1. How do I apply rate limiting to specific routes?

You can apply the middleware to individual routes:

app.post(
  "/auth/reset-password",
  expressRateLimiter({
    limitOptions: () => {
      return { max: 2, window: 3600 };
    },
  })
);

2. Can I set different rate limits for different users?

Yes, you can use dynamic rate limits based on user roles or API keys.

app.post(
  "/upload",
  expressRateLimiter({
    limitOptions: (req) => {
      if (req.user.isPremium === true) return { max: 100, window: 3600 };
      else return { max: 50, window: 3600 };
    },
  })
);

3. Does this library support distributed rate limiting?

Yes, when using Redis as the storage backend, rate limits are shared across multiple servers.

4. How can I allow certain IPs to bypass rate limits?

You can whitelist IPs:

app.use(expressRateLimiter({
  key: (req) => req.ip as string,
  skip: ["ip-1", "ip-2"],
  limitOptions: () => {
    return { max: 5, window: 10 };
  }
}));

5. What happens when a request exceeds the limit?

The middleware returns a 429 Too Many Requests response.

6: Why does it not work with NestJS with Fastify?

Ensure that you have configured NestJS to use Fastify as the underlying HTTP Adapter and try again.

1. How do I apply rate limiting to specific routes?​

2. Can I set different rate limits for different users?​

3. Does this library support distributed rate limiting?​

4. How can I allow certain IPs to bypass rate limits?​

5. What happens when a request exceeds the limit?​