diff --git a/content/security/rate-limiting.md b/content/security/rate-limiting.md index 43c2dbdbf0..6ed662f16a 100644 --- a/content/security/rate-limiting.md +++ b/content/security/rate-limiting.md @@ -64,7 +64,7 @@ export class AppModule {} #### Customization -There may be a time where you want to bind the guard to a controller or globally, but want to disable rate limiting for one or more of your endpoints. For that, you can use the `@SkipThrottle()` decorator, to negate the throttler for an entire class or a single route. The `@SkipThrottle()` decorator can also take in an object of string keys with boolean values for if there is a case where you want to exclude _most_ of a controller, but not every route, and configure it per throttler set if you have more than one. If you do not pass an object, the default is to use `{{ '{' }} default: true {{ '}' }}` +There may be a time where you want to bind the guard to a controller or globally, but want to disable rate limiting for one or more of your endpoints. For that, you can use the `@SkipThrottle()` decorator, to negate the throttler for an entire class or a single route. The `@SkipThrottle()` decorator can also take in an object of string keys with boolean values for if there is a case where you want to exclude _most_ of a controller, but not every route, and configure it per throttler set if you have more than one. If you do not pass an object, the default is to use `{{ '{' }} default: true {{ '}' }}` ```typescript @SkipThrottle() @@ -132,10 +132,10 @@ This module can work with websockets, but it requires some class extension. You ```typescript @Injectable() export class WsThrottlerGuard extends ThrottlerGuard { - async handleRequest(context: ExecutionContext, limit: number, ttl: number): Promise { + async handleRequest(context: ExecutionContext, limit: number, ttl: number, throttler: ThrottlerOptions): Promise { const client = context.switchToWs().getClient(); const ip = client._socket.remoteAddress; - const key = this.generateKey(context, ip); + const key = this.generateKey(context, ip, throttler.name); const { totalHits } = await this.storageService.increment(key, ttl); if (totalHits > limit) { @@ -231,10 +231,12 @@ One approach would be to use a factory function: ThrottlerModule.forRootAsync({ imports: [ConfigModule], inject: [ConfigService], - useFactory: (config: ConfigService) => ([{ - ttl: config.get('THROTTLE_TTL'), - limit: config.get('THROTTLE_LIMIT'), - }]), + useFactory: (config: ConfigService) => [ + { + ttl: config.get('THROTTLE_TTL'), + limit: config.get('THROTTLE_LIMIT'), + }, + ], }), ], })