node.js application-level rate limiting of 3rd party API calls

Question

The app I am building makes heavy numbers of calls to the Facebook Graph API (but it could be any API with rate limit). For argument's sake let's say the limit is 600 requests per 10 minutes.

I'm using https://github.com/jhurliman/node-rate-limiter to rate limit the individual threads, but what I need to do is rate limit all Facebook API calls at the macro app level, so that the app as whole does not exceed that limit.

I've really no idea how to accomplish that. I am fairly new to node and have no concept of what a solution for this would even look like.

It would be good to know if Facebook's rate limit is per app or per authenticated user. I'm assuming app, hence this problem.

Answer 1

IF you need to rate-limit access to a specific resource based on the aggregate of all of your requests, I'd create a separate http service to encapsulate and control all access to that resource.

Assuming you're using express and that your application runs on port 80, as in:

var express=require('express'),
    app=express();

app.get(route,function(req,res){
  ... do things here that need access to the FB Graph API
});

app.listen(80);

I'd add the following lines to your app.js, creating a new server running on port 8080:

var fbApiGatewayApp=express();

fbApiGatewayApp.get('/fb',function(req,res){
  ... provide access to FB Graph API here
});

fbApiGatewayApp.listen(8080);

where the routes you create for it control access to the FB API.

Refactor your original app so that it only calls routes on this new gateway service (via http.js) when it needs to submit a request to the FB API.

You can then rate-limit this new service to meet FB's requirements.

I'd also cause it to reject all requests that do not originate from your main app (which is running on localhost - 127.0.0.1) to restrict access from the outside world. (The same can be accomplished using a firewall.)