npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

ioredis-ratelimit

v3.1.1

Published

A generic Redis-backed rate limiting tool built on top of ioredis.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

nswbmwnswbmw

Keywords

ratelimitratelimiterredis

Readme

ioredis-ratelimit

A generic Redis-backed rate limiting tool built on top of ioredis.

Features

  • 🚀 Flexible rate limiting - Control request rates with precision
  • 📦 Batch operations - Handle multiple requests at once
  • 🎯 Three limiting modes - Binary, N-ary, and Uniform strategies
  • ⏱️ Minimum interval control - Enforce delays between requests
  • 🔑 Dynamic keys - Use functions to generate keys per user/resource
  • 100% test coverage - Fully tested and reliable

Installation

$ npm i ioredis-ratelimit --save

Quick Start

import Redis from 'ioredis'
import RateLimiter from 'ioredis-ratelimit'

const ratelimiter = RateLimiter({
  client: new Redis(),
  key: 'my-rate-limiter',
  limit: 10,        // 10 requests
  duration: 1000    // per 1 second
})

// Check rate limit
await ratelimiter()  // { total: 1, acknowledged: 1, remaining: 9 }

// Get current status
await ratelimiter.get()  // { total: 1, remaining: 9, retryAfterMS: 0 }

API

ratelimiter([id], [times])

Consume rate limit quota.

  • id (optional): Identifier when key is a function
  • times (optional): Number of requests to consume (default: 1)
  • Returns: Promise<{ total, acknowledged, remaining }>

ratelimiter.get([id])

Get current rate limit status without consuming quota.

  • id (optional): Identifier when key is a function
  • Returns: Promise<{ total, remaining, retryAfterMS }>

Options

| Option | Type | Required | Default | Description | |--------|------|----------|---------|-------------| | client | Redis | ✅ | - | ioredis client instance | | key | String\|Function | ✅ | - | Rate limiter key or key generator function | | limit | Number | ✅ | - | Maximum requests allowed in duration | | duration | Number | ✅ | - | Time window in milliseconds | | difference | Number | ❌ | 0 | Minimum milliseconds between requests | | ttl | Number | ❌ | duration | Redis key TTL in milliseconds | | mode | String | ❌ | 'binary' | Rate limiting mode: 'binary', 'nary', or 'uniform' | | error | Error | ❌ | Error('Too Many Requests') | Error thrown when limit exceeded |

Examples

Basic Usage

import Redis from 'ioredis'
import RateLimiter from 'ioredis-ratelimit'

const ratelimiter = RateLimiter({
  client: new Redis(),
  key: 'limiter',
  limit: 3,
  duration: 1000,
  difference: 0 // allow no interval between requests
})

;(async () => {
  await ratelimiter().then(console.log) // { total: 1, acknowledged: 1, remaining: 2 }
  await ratelimiter().then(console.log) // { total: 2, acknowledged: 1, remaining: 1 }
  await ratelimiter().then(console.log) // { total: 3, acknowledged: 1, remaining: 0 }
  await ratelimiter().then(console.log).catch(console.error) // 429 - Error: Too Many Requests

  await ratelimiter.get().then(console.log) // { total: 3, remaining: 0, retryAfterMS: 999 }
})().catch(console.error)

Express Middleware

import express from 'express'
import Redis from 'ioredis'
import RateLimiter from 'ioredis-ratelimit'

const app = express()

const ratelimiter = RateLimiter({
  client: new Redis(),
  key: (req) => `limiter:${req.user.id}`,
  limit: 10,      // 10 requests
  duration: 1000, // per 1 second
  difference: 10  // minimum 10ms between requests
})

app.use(async (req, res, next) => {
  try {
    await ratelimiter(req)
    next()
  } catch (err) {
    res.status(429).json({ error: 'Too Many Requests' })
  }
})

app.get('/', (req, res) => {
  res.json({ message: 'Hello World' })
})

app.listen(3000)

Batch Operations

const ratelimiter = RateLimiter({
  client: new Redis(),
  key: 'batch-limiter',
  limit: 10,
  duration: 1000
})

// Consume 5 requests at once
await ratelimiter(5)  // { total: 5, acknowledged: 5, remaining: 5 }

Dynamic Keys (Per-User Limiting)

const ratelimiter = RateLimiter({
  client: new Redis(),
  key: (userId) => `ratelimit:user:${userId}`,
  limit: 100,
  duration: 60000  // 100 requests per minute per user
})

await ratelimiter('user123')  // Rate limit for user123
await ratelimiter('user456')  // Rate limit for user456 (separate bucket)

Minimum Request Interval

const ratelimiter = RateLimiter({
  client: new Redis(),
  key: 'api-calls',
  limit: 100,
  duration: 60000,
  difference: 1000  // Minimum 1s between requests
})

await ratelimiter()  // OK
await ratelimiter()  // Error: Too Many Requests (called too quickly)

Rate Limiting Modes

Binary Mode (Default)

All-or-nothing: Either all requests are accepted or all are rejected.

const ratelimiter = RateLimiter({
  client: new Redis(),
  key: 'limiter',
  limit: 5,
  duration: 3000,
  mode: 'binary'
})

await ratelimiter(2)  // { total: 2, acknowledged: 2, remaining: 3 }
await ratelimiter(2)  // { total: 4, acknowledged: 2, remaining: 1 }
await ratelimiter(2)  // Error: Too Many Requests (needs 2 but only 1 remaining)

Use case: Strict rate limiting where partial fulfillment is not acceptable.

N-ary Mode

Partial acceptance: Accepts as many requests as possible, up to the limit.

const ratelimiter = RateLimiter({
  client: new Redis(),
  key: 'limiter',
  limit: 5,
  duration: 3000,
  mode: 'nary'
})

await ratelimiter(2)  // { total: 2, acknowledged: 2, remaining: 3 }
await ratelimiter(2)  // { total: 4, acknowledged: 2, remaining: 1 }
await ratelimiter(2)  // { total: 5, acknowledged: 1, remaining: 0 } ✅ Accepts 1 of 2
await ratelimiter(2)  // Error: Too Many Requests (bucket full)

Use case: Maximize throughput by accepting partial batches.

Uniform Mode

Lenient: Accepts all requests if there's at least one slot available (can exceed limit).

const ratelimiter = RateLimiter({
  client: new Redis(),
  key: 'limiter',
  limit: 5,
  duration: 3000,
  mode: 'uniform'
})

await ratelimiter(2)  // { total: 2, acknowledged: 2, remaining: 3 }
await ratelimiter(2)  // { total: 4, acknowledged: 2, remaining: 1 }
await ratelimiter(2)  // { total: 6, acknowledged: 2, remaining: 0 } ✅ Exceeds limit
await ratelimiter(2)  // Error: Too Many Requests (no slots available)

Use case: Flexible rate limiting where occasional bursts are acceptable.

Test (100% coverage)

Ensure Redis is running, then:

$ npm test

License

MIT