ideas-generator/server/middleware/rateLimiter.js

const rateLimit = require('express-rate-limit');

const createRateLimiter = (windowMs, max, message) => {
  return rateLimit({
    windowMs,
    max,
    message: {
      error: 'Too Many Requests',
      message,
      retryAfter: Math.ceil(windowMs / 1000),
    },
    standardHeaders: true,
    legacyHeaders: false,
    skip: (req) => {
      return process.env.SKIP_RATE_LIMITING === 'true';
    },
  });
};

const chatLimiter = createRateLimiter(
  15 * 60 * 1000, // 15 minutes
  20, // limit each IP to 20 requests per windowMs
  'Too many chat requests from this IP, please try again later.'
);

const generalLimiter = createRateLimiter(
  15 * 60 * 1000, // 15 minutes
  1000, // limit each IP to 1000 requests per windowMs (high limit for development)
  'Too many requests from this IP, please try again later.'
);

module.exports = {
  chatLimiter,
  generalLimiter,
};