ScaffoldHub
Search…
ScaffoldHub
Introduction
Modeling
Setup
Debugging
Deployment
Features
Architecture
Security
File Storage
Internationalization (I18n)
Payments
Typescript Support
Rate limiting
Technologies Versions
Under construction...
Recipes
Support
Changelog
Custom Development
Legacy Scaffolds
Go to ScaffoldHub
Powered By GitBook
Rate limiting
ScaffoldHub uses https://github.com/nfriedly/express-rate-limit to limit repeated requests to the backend API.
It uses the default Memory Store, but you can easily integrate with other stores for more consistency: https://github.com/nfriedly/express-rate-limit#stores.

Global Rate Limit

The global rate limit is defined at the file: backend/src/api/index.ts .
1
// Default rate limiter
2
const defaultRateLimiter = createRateLimiter({
3
max: 500,
4
windowMs: 15 * 60 * 1000,
5
message: 'errors.429',
6
});
7
app.use(defaultRateLimiter);
Copied!

Auth Rate Limits

Sign-in, Sign-up, Password Reset and Email Verification endpoints have a short limit and can be configured at: backend/src/api/auth/index.ts.
1
//...
2
​
3
const emailRateLimiter = createRateLimiter({
4
max: 6,
5
windowMs: 15 * 60 * 1000,
6
message: 'errors.429',
7
});
8
​
9
app.post(
10
`/auth/send-email-address-verification-email`,
11
emailRateLimiter,
12
require('./authSendEmailAddressVerificationEmail')
13
.default,
14
);
15
​
16
app.post(
17
`/auth/send-password-reset-email`,
18
emailRateLimiter,
19
require('./authSendPasswordResetEmail').default,
20
);
21
​
22
const signInRateLimiter = createRateLimiter({
23
max: 20,
24
windowMs: 15 * 60 * 1000,
25
message: 'errors.429',
26
});
27
​
28
app.post(
29
`/auth/sign-in`,
30
signInRateLimiter,
31
require('./authSignIn').default,
32
);
33
34
app.post(
35
`/tenant/:tenantId/auth/sign-in`,
36
signInRateLimiter,
37
require('./authSignIn').default,
38
);
39
​
40
const signUpRateLimiter = createRateLimiter({
41
max: 20,
42
windowMs: 60 * 60 * 1000,
43
message: 'errors.429',
44
});
45
​
46
app.post(
47
`/auth/sign-up`,
48
signUpRateLimiter,
49
require('./authSignUp').default,
50
);
51
​
52
app.post(
53
`/tenant/:tenantId/auth/sign-up`,
54
signUpRateLimiter,
55
require('./authSignUp').default,
56
);
57
​
58
//...
59
};
60
​
Copied!
​
Previous
Typescript Support
Next
Technologies Versions
Last modified 1yr ago
Copy link
Contents
Global Rate Limit
Auth Rate Limits