From f69f77882147dd83f8b0f5b3c1cfb98796018216 Mon Sep 17 00:00:00 2001 From: null Date: Sat, 6 Jun 2026 18:38:40 -0500 Subject: [PATCH] fix: use express-rate-limit ipKeyGenerator for sync limiter fallback --- middleware/rateLimiter.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/middleware/rateLimiter.js b/middleware/rateLimiter.js index 5c73bf0..7da69f9 100644 --- a/middleware/rateLimiter.js +++ b/middleware/rateLimiter.js @@ -1,6 +1,6 @@ 'use strict'; -const rateLimit = require('express-rate-limit'); +const { rateLimit, ipKeyGenerator } = require('express-rate-limit'); function makeLimiter(max, windowMs, message) { return rateLimit({ @@ -69,7 +69,7 @@ const syncLimiter = rateLimit({ max: 10, standardHeaders: 'draft-7', legacyHeaders: false, - keyGenerator: (req) => req.user?.id?.toString() || req.ip, + keyGenerator: (req) => req.user?.id?.toString() || ipKeyGenerator(req), handler(req, res) { res.status(429).json({ error: 'Too many sync requests. Please try again in 15 minutes.' }); },