max=0 disables rate limiter :( #259
pierregangloff
started this conversation in
Ideas
Replies: 1 comment 2 replies
-
Yea, that "max 0 means disabled" is a bit of an unfortunate wart in the API. I could probably change it in a major release. However, for your use-case, there should probably be some other level of authorization that detects the lack of a token and rejects the request with a different error message and status code (probably 401 or 403). Using a ratelimiter for that is bound to be confusing to an end-user that just happens to have a typo in their code or whatever and gets rejected on the first request. |
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
express-rate-limit is used in the Highcharts-export-server which I plan to use. But I'd love it if the rate limiter could be used as an authorization token. I.e. if we set max=0, then it NEVER allows a request to go through = it always requires the secret token. Right now, setting the max=0 disables the rate limiter. I could set it to 1, but then some requests would go through without requiring the authorization token. It would be great if max=0 meant no requests unless token is present. And max=-1 means disabled. Just a suggestion.
Beta Was this translation helpful? Give feedback.
All reactions