You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/security/rate-limiting.md
+34-2Lines changed: 34 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -39,11 +39,43 @@ There is also the `@Throttle()` decorator which can be used to override the `lim
39
39
40
40
#### Websockets
41
41
42
-
This module does work with websockets as well, with some limited functionality. First of all, user agent headers are not taken into consideration due to the difference in the underlying transport layer of Socket.IO vs Websockets. The other thing to make note of is that globally bound guards do not activate on websocket gateways, so you **must** bind the guard to the gateway itself using `@UseGuards()`.
42
+
This module _can_ work with websockets, but it requires some class extension. You can extend the `ThrottlerGuard` and override the `handleRequest` method like so:
> info **Hint** If you are using the `@nestjs/platform-ws` package you can use `client._socket.remoteAddress` instead.
43
64
44
65
#### GraphQL
45
66
46
-
Currently, only GraphQL with Express is supported, but Fastify support is coming as well. This module makes use of setting headers through the `res` object and reading headers through the `req` object of Express. To make sure these are available, when configuring your GraphQLModule, make sure the option `context: ({{ '{' }} req, res {{ '}' }}) => ({{ '{' }} req, res {{ '}' }})` is set.
67
+
The `ThrottlerGuard` can also be used to work with GraphQL requests. Again, the guard can be extended, but this tme the `getRequestResponse` method will be overridden
0 commit comments