Skip to content

Latest commit

 

History

History
114 lines (93 loc) · 3.74 KB

README.md

File metadata and controls

114 lines (93 loc) · 3.74 KB
Arcjet Logo

@arcjet/deno

npm badge

Arcjet helps developers protect their apps in just a few lines of code. Implement rate limiting, bot protection, email verification & defense against common attacks.

This is the Arcjet SDK for Deno.

Rate limit + bot detection example

The Arcjet rate limit example below applies a token bucket rate limit rule to a route where we identify the user based on their ID e.g. if they are logged in. The bucket is configured with a maximum capacity of 10 tokens and refills by 5 tokens every 10 seconds. Each request consumes 5 tokens.

import "jsr:@std/dotenv/load";

import arcjet, { tokenBucket, detectBot } from "npm:@arcjet/deno";

const aj = arcjet({
  key: Deno.env.get("ARCJET_KEY")!, // Get your site key from https://app.arcjet.com
  characteristics: ["userId"], // track requests by a custom user ID
  rules: [
    // Create a token bucket rate limit. Other algorithms are supported.
    tokenBucket({
      mode: "LIVE", // will block requests. Use "DRY_RUN" to log only
      refillRate: 5, // refill 5 tokens per interval
      interval: 10, // refill every 10 seconds
      capacity: 10, // bucket maximum capacity of 10 tokens
    }),
    detectBot({
      mode: "LIVE", // will block requests. Use "DRY_RUN" to log only
      // configured with a list of bots to allow from
      // https://arcjet.com/bot-list
      allow: [], // "allow none" will block all detected bots
    }),
  ],
});

Deno.serve(
  aj.handler(async function (req: Request) {
    const userId = "user123"; // Replace with your authenticated user ID
    const decision = await aj.protect(req, { userId, requested: 5 }); // Deduct 5 tokens from the bucket
    console.log("Arcjet decision", decision);

    if (decision.isDenied()) {
      return Response.json({ error: "Forbidden" }, { status: 403 });
    } else {
      return Response.json({ message: "Hello world" });
    }
  }),
);

Shield example

Arcjet Shield protects your application against common attacks, including the OWASP Top 10. You can run Shield on every request with negligible performance impact.

import "jsr:@std/dotenv/load";

import arcjet, { shield } from "npm:@arcjet/deno";

const aj = arcjet({
  key: Deno.env.get("ARCJET_KEY")!, // Get your site key from https://app.arcjet.com
  rules: [
    shield({
      mode: "LIVE", // will block requests. Use "DRY_RUN" to log only
    }),
  ],
});

Deno.serve(
  aj.handler(async function (req: Request) {
    const decision = await aj.protect(req);

    if (decision.isDenied()) {
      return Response.json({ error: "Forbidden" }, { status: 403 });
    } else {
      return Response.json({ message: "Hello world" });
    }
  }),
);

License

Licensed under the Apache License, Version 2.0.