Rate limiter in another file

backend/apis/nodejs/src/app.js

@@ -18,7 +18,7 @@
 require('dotenv').config();
 const express = require('express');
 const cors = require('cors');
-const rateLimit = require('express-rate-limit');
+const rateLimiter = require('./utils/rate_limit_utils.js');
 const helmet = require('helmet')
 const personRoutes = require('./routes/person_routes.js');
 const organizationRoutes = require('./routes/organization_routes.js');
@@ -38,13 +38,7 @@ const app = express();
 app.use(express.json()); // Middleware which parses JSON for POST requests
 app.use(cors()); // Enable CORS for all routes
 app.use(helmet()); // Some security settings
-app.use(rateLimit({
+app.use(rateLimiter); // Apply the rate limiter middleware to all routes
-  windowMs: process.env.LIMITER_WINDOW,
-  max: process.env.LIMITER_MAXIMUM_PER_WINDOW,
-  message: {
-    error: 'Too many requests from this IP, please try again later'
-  }
-})); // Apply the rate limiter middleware to all routes
 
 /*
 ===== END APPLICATION CONFIGURATION =====
@@ -65,16 +59,20 @@ app.use('/api/organizations', organizationPostRoutes.routes);
 ===== END ROUTE HANDLING =====
 */
 
-// Do not start the server in testing environment
+
-// It will be started by the test suite
+/*
-if (process.argv[2] != 'testing') {
+===== STARTING THE SERVER =====
-  // Start the server
+*/
-  // Default port is 3000
+
-  const port = process.env.API_SERVER_PORT || 3000;
+// Default port is 3000
-  app.listen(port, () => {
+const port = process.env.API_SERVER_PORT || 3000;
-    console.log(`Blink API server is running on port ${port}`);
+app.listen(port, () => {
-  });
+  console.log(`Blink API server is running on port ${port}`);
-}
+});
+
+/*
+===== END STARTING THE SERVER =====
+*/
 
 // Export the app for testing purposes
 module.exports = app;

backend/apis/nodejs/src/utils/rate_limit_utils.js

@@ -0,0 +1,24 @@
+/*
+    This code is part of Blink
+    licensed under GPLv3
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED,  INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+    THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+    FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+    IN THE SOFTWARE.
+*/
+
+const rateLimit = require('express-rate-limit');
+
+const rateLimitSettings = {
+    windowMs: process.env.LIMITER_WINDOW,
+    max: process.env.LIMITER_MAXIMUM_PER_WINDOW,
+    message: {
+        error: 'Too many requests from this IP, please try again later'
+    }
+}
+
+module.exports = rateLimit(rateLimitSettings);