High-Performance Node.js: Redis Caching and Rate Limiting

If your PostgreSQL database is directly queried for every single incoming HTTP request, your application will brutally collapse under high traffic. To protect your core infrastructure from bot networks, aggressive scrapers, and viral traffic spikes, you must engineer a highly resilient caching and rate-limiting layer.

Redis is the undisputed king of caching. Because it stores data entirely inside system RAM (rather than spinning hard disks), retrieval operations boast sub-millisecond latencies.

1. Implementing the Rate Limiter

To prevent DDoS attacks or abusive clients, we will utilize Redis to track the number of requests arriving from a specific IP address within a rolling 60-second window.

        import express from 'express';
import Redis from 'ioredis';

const app = express();
// Connect to the Redis instance
const redis = new Redis(process.env.REDIS_URL); 

// Express Middleware for Rate Limiting
const rateLimiter = async (req, res, next) => {
  const userIP = req.ip;
  const key = \`rate_limit:\${userIP}\`;
  
  // Increment the counter. If there's no active counter, starting at 1.
  const requests = await redis.incr(key);
  
  if (requests === 1) {
    // Determine the TTL (Time to Live). This key deletes itself after 60 seconds!
    await redis.expire(key, 60);
  }
  
  if (requests > 50) {
    return res.status(429).json({ 
        error: 'Too Many Requests! Please wait a minute.' 
    });
  }
  
  next();
};

app.use(rateLimiter);
      

2. Slashing Database Latency with Write-Through Caching

If a specific resource (like a heavily trafficked "Trending Articles" list) changes infrequently but is requested thousands of times an hour, executing a complex SQL JOIN query for every user is architectural madness. We must check Redis first.

        app.get('/api/trending', async (req, res) => {
    
  // 1. Attempt to fetch immediately from RAM (Lightning fast)
  const cachedData = await redis.get('cache:trending_articles');
  
  if (cachedData) {
      // CACHE HIT: Return immediately without touching the Database
      return res.json(JSON.parse(cachedData));
  }
  
  // 2. CACHE MISS: Execute the agonizingly slow Database Query
  const dbData = await executeMassiveComplexSQLQuery();
  
  // 3. Save the result into Redis for exactly 15 minutes
  // 'EX' denotes Expiration time in seconds
  await redis.set('cache:trending_articles', JSON.stringify(dbData), 'EX', 900);
  
  return res.json(dbData);
});
      

Conclusion

Redis is a defensive barricade for your systems. By utilizing it to aggressively throttle malicious traffic and instantly serve frequently requested payloads, your relatively weak database can easily sustain enterprise-level traffic without melting the server racks.