Express Brute Mongoose

Mongoose adapter for the express-brute middleware.

Mongoose store adapter for express-brute.



yarn add express-brute-mongoose


const ExpressBrute = require("express-brute");
const MongooseStore = require("express-brute-mongoose");
const BruteForceSchema = require("express-brute-mongoose/dist/schema");
const mongoose = require("mongoose");

const model = mongoose.model(
  new mongoose.Schema(BruteForceSchema)
const store = new MongooseStore(model);

const bruteforce = new ExpressBrute(store);
  bruteforce.prevent, // error 403 if we hit this route too often
  function(req, res, next) {

Defining your Mongoose Schema

You can either use the default schema provided at express-brute-mongoose/dist/schema or roll your own, as long as it matches the basic structural requirements of the schema as follows:

  "_id": String,
  "data": {
    "count": Number,
    "lastRequest": Date,
    "firstRequest": Date
  "expires": Date

The default schema included in the package includes a Mongo index on the _id field and another index that will automatically delete each entry 1 day after it has passed its expires time, in an effort to keep the collection clean.


Build the package with yarn compile

Run tests with yarn test

Run the linter with yarn lint

Running Tests

You should have mongo running on port 27017 before running tests. If you have docker-compose and docker installed, you can get mongo up and running by using the following command:

docker-compose up