Challenge - 5 Problems

🎖️

Rate Limiting Master

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ component_behavior

intermediate

2:00remaining

What happens when the rate limit is exceeded?

Consider this Express app using express-rate-limit:

const rateLimit = require('express-rate-limit');
const limiter = rateLimit({ windowMs: 60000, max: 3 });
app.use(limiter);
app.get('/', (req, res) => res.send('Hello'));

What response will the client receive after making 4 requests within one minute?

Express

const rateLimit = require('express-rate-limit');
const limiter = rateLimit({ windowMs: 60000, max: 3 });
app.use(limiter);
app.get('/', (req, res) => res.send('Hello'));

AThe 4th request returns status 429 with message 'Too many requests, please try again later.'

BThe 4th request returns status 200 with 'Hello' as usual.

CThe 4th request returns status 500 due to server error.

DThe 4th request is queued and delayed until the window resets.

Attempts:

2 left

📝 Syntax

intermediate

2:00remaining

Identify the syntax error in this rate limiter setup

Which option contains a syntax error when creating a rate limiter with express-rate-limit?

const rateLimit = require('express-rate-limit');
const limiter = rateLimit({ windowMs: 15 * 60 * 1000, max: 100 });
app.use(limiter);

Express

const rateLimit = require('express-rate-limit');
const limiter = rateLimit({ windowMs: 15 * 60 * 1000, max: 100 });
app.use(limiter);

Aconst limiter = rateLimit({ windowMs: 15 * 60 * 1000, max: 100 });

Bconst limiter = rateLimit({ windowMs: '15m', max: 100 });

Cconst limiter = rateLimit({ windowMs: 15 * 60 * 1000, max: '100' });

Dconst limiter = rateLimit({ windowMs: 15 * 60 * 1000 max: 100 });

Attempts:

2 left

❓ state_output

advanced

2:00remaining

What is the value of the 'X-RateLimit-Remaining' header after 2 requests?

Given this rate limiter:

const limiter = rateLimit({ windowMs: 60000, max: 5 });
app.use(limiter);

After a client makes 2 requests within the window, what will the X-RateLimit-Remaining header value be in the response?

Express

const limiter = rateLimit({ windowMs: 60000, max: 5 });
app.use(limiter);

A'5'

B'2'

C'3'

D'0'

Attempts:

2 left

🔧 Debug

advanced

2:00remaining

Why does this rate limiter not block requests as expected?

Consider this code snippet:

const rateLimit = require('express-rate-limit');
const limiter = rateLimit({ windowMs: 60000, max: 2 });
app.get('/api', limiter, (req, res) => res.send('OK'));
app.get('/api', (req, res) => res.send('Fallback'));

Why might the rate limiter not block requests after 2 hits?

Express

const rateLimit = require('express-rate-limit');
const limiter = rateLimit({ windowMs: 60000, max: 2 });
app.get('/api', limiter, (req, res) => res.send('OK'));
app.get('/api', (req, res) => res.send('Fallback'));

AThe limiter is not applied because max is too low.

BThe second route for '/api' overrides the first, bypassing the limiter.

CThe limiter middleware is missing next() call.

DThe windowMs value is too short to trigger blocking.

Attempts:

2 left

🧠 Conceptual

expert

3:00remaining

How to implement different rate limits per route using express-rate-limit?

You want to apply a strict rate limit on /login (max 5 requests per 10 minutes) and a looser limit on /api (max 100 requests per 15 minutes). Which setup correctly achieves this?

ACreate two limiters with different configs and apply each to its route separately.

BCreate one limiter with max 5 and apply it globally to all routes.

CCreate two limiters but apply only one to all routes.

DCreate one limiter with max 100 and apply it globally to all routes.

Attempts:

2 left