Halt - Modern Rate Limiting for APIs

The Penalty System tracks rate limit violations and can temporarily ban malicious actors.

Configuration

import { PenaltyManager, PENALTY_MODERATE } from 'halt/core/penalty';

const penaltyManager = new PenaltyManager(store, {
  ...PENALTY_MODERATE,
  violationWeight: 1.0,    // Points per violation
  decayRate: 0.1,          // Points decay per minute
  threshold: 10.0,         // Points to trigger ban
  banDuration: 300         // Ban for 5 minutes
});

Integration

// 1. Check if user is banned
const penalty = await penaltyManager.getPenalty(userId);
if (penaltyManager.isActive(penalty)) {
  return res.status(403).json({ error: 'Account suspended' });
}

// 2. Report violations
if (!rateLimitResult.allowed) {
  await penaltyManager.recordViolation(userId);
}