Discussion

Kevin Cunningham

Sep 23, 2020

How to make sure your Express API doesn't get abused

Making applications for the web is a lot of fun. Sadly, there is always a risk that bad actors will abuse them. Either using them too much or using them for nefarious means. For most hobby projects that isn't too much of a problem. Once we start deal...

h.kevincunningham.co.uk7 min read

#express #authentication #auth0 #nodejs #2articles1week

Responses(3)

OK

Olohundare kayode

Javascript Developer

Sep 24, 2020

To make sure your app doesnt get abused, You could also have a rate limiter that limit how many request a user can per hour. Here is a lib that solves that for you

npmjs.com/package/express-redis-limit-req

KC

Kevin Cunningham

Sep 24, 2020

Thanks for the work you're doing on this library!

MB

Maximilian Berkmann

Web and programming

Oct 1, 2020

Or using express-rate-limit or @authentication/rate-limit.

DC

Dwayne Charrington

Front-end developer

Sep 24, 2020

JWT's are definitely the way to go. I do recommend that developers work out how to implement them without a third-party service, though. Auth0 is great, but it's so expensive if you want to use it beyond a little hobby project. It's surprisingly easy to use the jsonwebtokens package to create your own implementations.

KC

Kevin Cunningham

Sep 24, 2020

Thanks Dwayne - helpful insight :)

Recent in Forum

A
5 Tech Stack Decisions That Make or Break a Travel Booking Engine
11h ago
K
Hi, I'm Karthik
411h ago
D
I built WattSeal — PC power consumption monitor
317h ago
A
I Replaced ChatGPT With Google NotebookLM — Here’s My Audit & Workflow
24A A A18h ago
S
Hi, I'm Shubham kahar
22S R1d ago

View all threads

Search Hashnode

How to make sure your Express API doesn't get abused

Responses(3)

Recent in Forum