npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

limitx

v1.0.1

Published

Lightweight token bucket rate limiter for Node.js APIs

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

gurusharankumarram1gurusharankumarram1

Keywords

rate limitertoken bucketrate-limitertoken-bucketthrottlingapi rate limitrequest limiterapi protectionbackendnodejsexpressfastifykoamiddlewarelimitxrate limitnode modulenpm package

Readme

🚀 LimitX

Lightweight Token Bucket Rate Limiter for Node.js

Fast • Simple • Stable • API-Friendly

npm version npm downloads Node version License

🌟 Overview

LimitX is a clean and efficient Token Bucket rate limiter designed for backend and API workloads.
It focuses on predictable behaviour, stable performance, and smooth integration with any Node.js framework.

A straightforward tool for managing request flow and protecting critical routes with minimal setup.

⭐ Features

  • ⚡ Efficient token bucket algorithm
  • 🎯 Designed for backend APIs (Express, Fastify, Koa, etc.)
  • 🔄 Automatic token refill with precise time calculation
  • 🧩 Cleanup for inactive keys
  • 🪝 Hooks for logging & monitoring
  • 🟦 Comes with TypeScript definitions (index.d.ts)
  • 🛠️ Small API surface, easy to integrate

📦 Installation

npm install limitx

🚀 Quick Usage

const LimitX = require("limitx");

const limiter = new LimitX({
  capacity: 20,
  refillRate: 5,
});

app.get("/api/data", (req, res) => {
  const result = limiter.consume(req.ip);

  if (!result.allowed) {
    return res.status(429).send("Too many requests");
  }

  res.send("Success");
});

🔧 Options & Usage Guide

Here is the full configuration reference:

const limiter = new LimitX({
  capacity: 10,           // Max tokens
  refillRate: 1,          // Tokens per second
  idleTTL: 120000,        // Auto remove inactive users
  cleanupInterval: 60000, // Interval for cleanup

  onAllow: (key, info) => {},
  onReject: (key, info) => {},
  onRefill: (info) => {},
});

📘 Option Details

1️⃣ capacity

Maximum number of tokens per key.

new LimitX({ capacity: 50 });

2️⃣ refillRate

Number of tokens added per second.

new LimitX({ refillRate: 5 });

3️⃣ idleTTL

Remove inactive buckets automatically.

new LimitX({ idleTTL: 60000 }); // 1 min

4️⃣ cleanupInterval

How often the cleanup runs.

new LimitX({ cleanupInterval: 30000 });

🪝 Hooks

Hooks allow you to track limiter activity.

5️⃣ onAllow(key, info)

Triggered when a request is allowed.

onAllow: (key, info) => {
  console.log("Allowed:", key, info.tokens);
}

6️⃣ onReject(key, info)

Triggered when a request is blocked.

onReject: (key, info) => {
  console.log("Rejected:", key, info.tokens);
}

7️⃣ onRefill(info)

Triggered when tokens are refilled.

onRefill: (info) => {
  console.log("Refilled:", info.tokens);
}

🎮 Full Example With All Features

const limiter = new LimitX({
  capacity: 20,
  refillRate: 4,
  idleTTL: 100000,
  cleanupInterval: 50000,

  onAllow: (key, info) => {
    console.log(`[ALLOW] ${key} → ${info.tokens}`);
  },

  onReject: (key, info) => {
    console.log(`[REJECT] ${key} → ${info.tokens}`);
  },

  onRefill: (info) => {
    console.log(`[REFILL] tokens → ${info.tokens}`);
  },
});

// Use in API route
const result = limiter.consume(req.ip);

if (!result.allowed) {
  return res.status(429).json({ message: "Rate limit exceeded" });
}

📘 API Reference

consume(key, weight = 1)

Consumes tokens and returns:

{ allowed: boolean, remaining: number }

getTokens(key)

Returns remaining tokens for the key.

reset(key)

Clears a specific bucket.

stop()

Stops the internal cleanup timer.