Node.js
wakenbyWork, 2022-02-22 14:56:20

How to prohibit sending more than n requests from one IP?

There is code that subscribes users to Mailchimp. I don't want one user to be able to make, say, a million requests with an email address using a script or some other way. How can I protect myself from this?

Here is the subscription code:

const express = require('express')
const bodyParser = require('body-parser')
const app = express()
const Mailchimp = require('mailchimp-api-v3')

app.use(bodyParser.json())
app.use(function (req, res, next) {
  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:3000')
  res.setHeader('Access-Control-Allow-Methods', 'POST')
  res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type')
  res.setHeader('Access-Control-Allow-Credentials', true)
  next()
})

// Subscribe the submitted email address to the Mailchimp list
app.post('/subscribe', function (req, res) {
  const { email } = req.body
  const api_key = '...'
  const list_id = '...'
  const mailchimp = new Mailchimp(api_key)

  mailchimp.post(`lists/${list_id}`, {
    members: [{
      email_address: email,
      status: 'subscribed'
    }]
  })
    .then(result => res.send(result))
    .catch(error => res.send(error))
})

app.listen(1000)


1 answer(s)
Rag'n' Code Man, 2022-02-22
@wakenbyWork

Five seconds on Google: https://www.npmjs.com/package/express-rate-limit
Keywords: rate limit, throttle.
Well, instead of manually setting CORS headers, there is also an npm module of the same name.
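
What a per-IP limit on /subscribe does, as an added example that is not part of the original answer and is not express-rate-limit's own code: a dependency-free fixed-window limiter written as Express-style middleware. The names createIpLimiter, windowMs, max, sweep and simulate are chosen for this sketch, and the IP addresses are constructed sample values.

```javascript
// Fixed-window per-IP limiter as Express-style middleware (illustrative sketch).
function createIpLimiter({ windowMs, max, now = Date.now }) {
  const hits = new Map() // ip -> { count, resetAt }

  function limiter(req, res, next) {
    // Behind a reverse proxy, req.ip is the proxy's address unless
    // Express "trust proxy" is configured, so every client shares one bucket.
    const ip = req.ip
    const t = now()
    let entry = hits.get(ip)
    if (!entry || t >= entry.resetAt) {
      // First request from this IP, or its window has expired: start a new window.
      entry = { count: 0, resetAt: t + windowMs }
      hits.set(ip, entry)
    }
    entry.count += 1
    if (entry.count > max) {
      // Over the limit: reject before the handler (and Mailchimp) is reached.
      res.setHeader('Retry-After', Math.ceil((entry.resetAt - t) / 1000))
      return res.status(429).send({ error: 'Too many requests' })
    }
    next()
  }

  // Drop expired entries so the map cannot grow without bound.
  limiter.sweep = function () {
    const t = now()
    for (const [ip, entry] of hits) if (t >= entry.resetAt) hits.delete(ip)
    return hits.size
  }
  return limiter
}

// Constructed demo: drive the middleware with stub req/res objects (no server).
function simulate(limiter, ip) {
  let status = 200
  const res = {
    headers: {},
    setHeader(k, v) { this.headers[k] = v },
    status(code) { status = code; return this },
    send() { return this }
  }
  limiter({ ip }, res, () => {})
  return { status, retryAfter: res.headers['Retry-After'] }
}

// In the question's app (5 subscriptions per IP per 15 minutes):
// app.post('/subscribe', createIpLimiter({ windowMs: 15 * 60 * 1000, max: 5 }), handler)
```

The counters live in one process's memory, so they reset on restart and are not shared between several Node.js instances; a shared store is needed for that case.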
