learn hapi — Show “Rate Limit Exceeded” Error on Login (Part 5 of 7)

Introducing the rate limiter into your web application brings security benefits, but requires extra work to integrate it smoothly. In the previous tutorial, you added support to render a “rate limit exceeded” web view instead of sending a JSON response.

The web view to show an exceeded limit was dragging the user out of context from the actual request. Users see a different view than before. They were clicking a button and reloading the page will show them the “rate limit exceeded” view than the view they were expecting.

This is what you’ll change by following this tutorial. If a user runs into the rate limit on login, you’ll render the login view and display the “rate limit exceeded” error message.

In case you need a glimpse on the complete package code: it’s available on GitHub in the hapi-rate-limitor repository and on NPM at hapi-rate-limitor.

hapi Series Overview

  1. JWT Refresh Token for Multiple Devices (Coming soon)
  2. Check Refresh Token in Authentication Strategy (Coming soon)
  3. Rate Limit Your Refresh Token API Endpoint (Coming soon)


Continue reading

University Enrollment Required

Future Students benefit from value packed videos and tutorials.

Enroll to receive exclusive content or sign in if you’re already a Future Student.

Enroll me for $15/mo

Explore the Library

Find interesting tutorials and solutions for your problems.