Rate Limit for Nextjs App Router

A rewrite version of rate limit for Nextjs App Router

About

This is a rewrite version for Nextjs App Router. If you are using Page Router, Simply use the vercel version.

Try to send 3 requests in 1 minute. The rate limit is 2 requests per minute.

Route API example.

Installation

1

Copy and paste the following code into your project.

import { NextRequest, NextResponse } from 'next/server';
import { LRUCache } from 'lru-cache';

type Options = {
  uniqueTokenPerInterval?: number;
  interval?: number;
};

export function rateLimit(options?: Options) {
  const tokenCache = new LRUCache({
    max: options?.uniqueTokenPerInterval || 500,
    ttl: options?.interval || 60000,
  });

  return {
    check: (request: NextRequest, limit: number) => {
      return new Promise<void>((resolve, reject) => {
        const ip =
          request.headers.get('x-forwarded-for') ||
          request.headers.get('x-real-ip') ||
          // @ts-ignore ignore
          request?.socket?.remoteAddress;
        if (!ip) {
          reject(NextResponse.json({ error: 'can not get IP.' }, { status: 400 }));
          return;
        }

        const tokenCount = (tokenCache.get(ip) as number[]) || [0];
        if (tokenCount[0] === 0) {
          tokenCache.set(ip, tokenCount);
        }
        tokenCount[0] += 1;

        const currentUsage = tokenCount[0];
        const isRateLimited = currentUsage > limit;

        if (isRateLimited) {
          const response = NextResponse.json(
            { error: 'Too many requests, please try again later.' },
            { status: 429 },
          );
          response.headers.set('X-RateLimit-Limit', limit.toString());
          response.headers.set('X-RateLimit-Remaining', '0');
          reject(response);
        } else {
          resolve();
        }
      });
    },
  };
}
2

Update the import paths to match your project setup.

Buy Me A CoffeeDeployed on Zeabur