[Arcjet][arcjet] helps developers protect their apps in just a few lines of
@@ -31,7 +33,61 @@ started.
npm install -S @arcjet/next
```
-## Example
+## Rate limit example
+
+The [Arcjet rate
+limit](https://docs.arcjet.com/rate-limiting/concepts) example below
+applies a token bucket rate limit rule to a route where we identify the user
+based on their ID e.g. if they are logged in. The bucket is configured with a
+maximum capacity of 10 tokens and refills by 5 tokens every 10 seconds. Each
+request consumes 5 tokens.
+
+See the [Arcjet rate limit
+documentation](https://docs.arcjet.com/rate-limiting/quick-start/nextjs) for
+details.
+
+```ts
+import arcjet, { tokenBucket } from "@arcjet/next";
+import { NextResponse } from "next/server";
+
+const aj = arcjet({
+ key: process.env.ARCJET_KEY!, // Get your site key from https://app.arcjet.com
+ rules: [
+ // Create a token bucket rate limit. Other algorithms are supported.
+ tokenBucket({
+ mode: "LIVE", // will block requests. Use "DRY_RUN" to log only
+ characteristics: ["userId"], // track requests by a custom user ID
+ refillRate: 5, // refill 5 tokens per interval
+ interval: 10, // refill every 10 seconds
+ capacity: 10, // bucket maximum capacity of 10 tokens
+ }),
+ ],
+});
+
+export async function GET(req: Request) {
+ const userId = "user123"; // Replace with your authenticated user ID
+ const decision = await aj.protect(req, { userId, requested: 5 }); // Deduct 5 tokens from the bucket
+ console.log("Arcjet decision", decision);
+
+ if (decision.isDenied()) {
+ return NextResponse.json(
+ { error: "Too Many Requests", reason: decision.reason },
+ { status: 429 },
+ );
+ }
+
+ return NextResponse.json({ message: "Hello world" });
+}
+```
+
+## Shield example
+
+[Arcjet Shield](https://docs.arcjet.com/shield/concepts) protects your
+application against common attacks, including the OWASP Top 10. It’s enabled by
+default and runs on every request with negligible performance impact.
+
+See the [Arcjet Shield
+documentation](https://docs.arcjet.com/shield/quick-start/nextjs) for details.
```ts
import arcjet from "@arcjet/next";
@@ -42,7 +98,7 @@ const aj = arcjet({
// and set it as an environment variable rather than hard coding.
// See: https://nextjs.org/docs/app/building-your-application/configuring/environment-variables
key: process.env.ARCJET_KEY,
- rules: [],
+ rules: [], // Shield requires no rule configuration
});
export async function GET(req: Request) {
diff --git a/arcjet-next/package.json b/arcjet-next/package.json
index d843de62c..f4fb7873c 100644
--- a/arcjet-next/package.json
+++ b/arcjet-next/package.json
@@ -9,6 +9,15 @@
"url": "git+https://github.com/arcjet/arcjet-js.git",
"directory": "arcjet-next"
},
+ "bugs": {
+ "url": "https://github.com/arcjet/arcjet-js/issues",
+ "email": "support@arcjet.com"
+ },
+ "author": {
+ "name": "Arcjet",
+ "email": "support@arcjet.com",
+ "url": "https://arcjet.com"
+ },
"engines": {
"node": ">=18"
},
diff --git a/arcjet/README.md b/arcjet/README.md
index 819fc2d44..cc7fb60fe 100644
--- a/arcjet/README.md
+++ b/arcjet/README.md
@@ -8,10 +8,12 @@
# `arcjet`
- 
