npm
Sign UpSign In

redis-backoff

1.0.0 • Public • Published

redis-backoff

NPM version Build status Test coverage Dependency Status License Downloads Gittip

Exponential backoff using redis. Designed specifically for passwords.

Example

var backoff = require('redis-backoff')({
  client: require('then-redis').createClient('tcp://localhost')
});
 
app.use(function* (next) {
  var credentials = yield parse(this);
 
  var username = credentials.username;
 
  // keys to limit against
  var keys = [
    username, // limit by the username
    this.ip, // limit by the ip
  ];
 
  // tell the client it needs to wait
  var retryAfter = yield backoff.check(keys);
  if (retryAFter) {
    this.status = 403;
    this.response.set('Retry-After', Math.ceil(retryAfter / 1000));
    return;
  }
 
  var password = credentials.password;
 
  var user = yield User.getByUsername(username);
  var valid = yield User.checkPassword(user, password);
 
  if (!valid) {
    // give a bad response and push and remember this bad try
    yield backoff.push(keys);
    this.status = 400;
    return;
  }
 
  // if the password is valid, clear the retries
  yield backoff.clear(keys)
  this.status = 200; // log the user in or something
})

API

var backoff = new Backoff(options)

  • client - a then-redis client
  • backoff - a custom backoff function of the form #retries -> millisecond timeout.

backoff.check(keys).then( retryAfter => )

Checks all the keys whether to backoff. Returns the time to wait in milliseconds.

backoff.push(keys).then( => )

Add a bad try to all the keys. The lock period starts from the current time.

backoff.clear(keys).then( => )

Clear all retries from the keys.

Readme

Keywords

Package Sidebar

Install

npm i redis-backoff

Repository

github.com/jonathanong/redis-backoff

Homepage

github.com/jonathanong/redis-backoff

Weekly Downloads

0

Version

1.0.0

License

MIT

Last publish

Collaborators

  • jongleberry
Try on RunKit
Report malware