Bumped deps, Added cors, Fixed rate limiting per scttcper/koa-simple-ratelimit#34

Author: niftylettuce

index.js

@@ -10,13 +10,14 @@ const conditional = require('koa-conditional-get');
 const etag = require('koa-etag');
 const compress = require('koa-compress');
 const responseTime = require('koa-response-time');
-const rateLimit = require('koa-simple-ratelimit');
+const rateLimiter = require('koa-simple-ratelimit');
 const koaLogger = require('koa-logger');
 const bodyParser = require('koa-bodyparser');
 const koa404Handler = require('koa-404-handler');
 const json = require('koa-json');
 const errorHandler = require('koa-better-error-handler');
 const helmet = require('koa-helmet');
+const cors = require('kcors');
 const removeTrailingSlashes = require('koa-no-trailing-slash');
 const redis = require('redis');
 const StoreIPAddress = require('@ladjs/store-ip-address');
@@ -27,11 +28,20 @@ const { oneLine } = require('common-tags');
 
 const env = process.env.NODE_ENV || 'development';
 
-let max = process.env.RATELIMIT_MAX
-  ? parseInt(process.env.RATELIMIT_MAX, 10)
-  : 100;
-
-if (!process.env.RATELIMIT_MAX && env === 'development') max = Number.MAX_VALUE;
+let rateLimit = {
+  duration: process.env.RATELIMIT_DURATION
+    ? parseInt(process.env.RATELIMIT_DURATION, 10)
+    : 60000,
+  max: process.env.RATELIMIT_MAX
+    ? parseInt(process.env.RATELIMIT_MAX, 10)
+    : 100,
+  id: ctx => ctx.ip,
+  prefix: process.env.RATELIMIT_PREFIX
+    ? process.env.RATELIMIT_PREFIX
+    : `limit_${env.toLowerCase()}`
+};
+
+if (env === 'development') rateLimit = false;
 
 class Server {
   constructor(config) {
@@ -54,16 +64,9 @@ class Server {
         logger: console,
         passport: false,
         i18n: {},
-        rateLimit: {
-          duration: process.env.RATELIMIT_DURATION
-            ? parseInt(process.env.RATELIMIT_DURATION, 10)
-            : 60000,
-          max,
-          id: ctx => ctx.ip,
-          prefix: process.env.RATELIMIT_PREFIX
-            ? process.env.RATELIMIT_PREFIX
-            : `limit_${env.toLowerCase()}`
-        },
+        rateLimit,
+        // <https://github.com/koajs/cors#corsoptions>
+        cors: {},
         timeoutMs: process.env.API_TIMEOUT_MS
           ? parseInt(process.env.API_TIMEOUT_MS, 10)
           : 2000
@@ -123,19 +126,26 @@ class Server {
     app.use(koaLogger({ logger }));
 
     // rate limiting
-    app.use(
-      rateLimit({
-        ...this.config.rateLimit,
-        db: redisClient
-      })
-    );
+    if (this.config.rateLimit)
+      app.use(
+        rateLimiter({
+          ...this.config.rateLimit,
+          db: redisClient
+        })
+      );
 
     // conditional-get
     app.use(conditional());
 
     // etag
     app.use(etag());
 
+    // cors
+    if (this.config.cors) app.use(cors(this.config.cors));
+
+    // TODO: add `cors-gate`
+    // <https://github.com/mixmaxhq/cors-gate/issues/6>
+
     // security
     app.use(helmet());
 
@@ -180,6 +190,8 @@ class Server {
     if (this.config.routes) {
       if (_.isFunction(this.config.routes.routes))
         app.use(this.config.routes.routes());
+      if (_.isFunction(this.config.routes.allowedMethods))
+        app.use(this.config.routes.allowedMethods());
       else app.use(this.config.routes);
     }
 

package.json

@@ -18,9 +18,10 @@
     "@ladjs/i18n": "^0.3.2",
     "@ladjs/store-ip-address": "^0.0.5",
     "boolean": "^0.1.3",
-    "cabin": "^1.0.0",
-    "common-tags": "^1.7.2",
+    "cabin": "^1.0.2",
+    "common-tags": "^1.8.0",
     "ip": "^1.1.5",
+    "kcors": "^2.2.1",
     "koa": "^2.5.1",
     "koa-404-handler": "^0.0.2",
     "koa-better-error-handler": "^1.3.5",
@@ -39,19 +40,19 @@
     "redis": "^2.8.0"
   },
   "devDependencies": {
-    "auto-bind": "^1.2.0",
+    "auto-bind": "^1.2.1",
     "ava": "^0.25.0",
     "codecov": "^3.0.2",
-    "cross-env": "^5.1.5",
-    "eslint": "^4.19.1",
+    "cross-env": "^5.2.0",
+    "eslint": "^5.0.0",
     "eslint-config-prettier": "^2.9.0",
-    "eslint-plugin-prettier": "^2.6.0",
+    "eslint-plugin-prettier": "^2.6.1",
     "husky": "^0.14.3",
     "koa-router": "^7.4.0",
-    "lint-staged": "^7.1.2",
-    "mongoose": "^5.1.1",
-    "nyc": "^11.8.0",
-    "prettier": "^1.12.1",
+    "lint-staged": "^7.2.0",
+    "mongoose": "^5.1.6",
+    "nyc": "^12.0.2",
+    "prettier": "^1.13.5",
     "remark-cli": "^5.0.0",
     "remark-preset-github": "^0.0.8",
     "supertest": "^3.1.0",
@@ -60,7 +61,9 @@
   "engines": {
     "node": ">=8.3"
   },
-  "files": ["index.js"],
+  "files": [
+    "index.js"
+  ],
   "homepage": "https://github.com/ladjs/api",
   "keywords": [
     "api",
@@ -92,11 +95,16 @@
       "prettier --write --single-quote --trailing-comma none",
       "git add"
     ],
-    "*.md": ["remark . -qfo", "git add"]
+    "*.md": [
+      "remark . -qfo",
+      "git add"
+    ]
   },
   "main": "index.js",
   "remarkConfig": {
-    "plugins": ["preset-github"]
+    "plugins": [
+      "preset-github"
+    ]
   },
   "repository": {
     "type": "git",
@@ -111,7 +119,9 @@
   },
   "xo": {
     "extends": "prettier",
-    "plugins": ["prettier"],
+    "plugins": [
+      "prettier"
+    ],
     "parserOptions": {
       "sourceType": "script"
     },

test/test.js

@@ -26,6 +26,7 @@ const config = {
     id: ctx => ctx.ip,
     prefix: 'limit_test'
   },
+  cors: {},
   timeoutMs: 2000
 };