Eugen Rochko
feed07227b
Apply a 25x rate limit by IP even to authenticated requests ( #5948 )
7 years ago
Naoki Kosaka
4bce376fdc
Missing require 'authorization_decorator'. ( #5947 )
7 years ago
Eugen Rochko
a865b62efc
Rate limit by user instead of IP when API user is authenticated ( #5923 )
* Fix #668 - Rate limit by user instead of IP when API user is authenticated
* Fix code style issue
* Use request decorator provided by Doorkeeper
7 years ago
unarist
b42c018bb8
Add Content-Type header on throttled response to fix mojibake ( #4558 )
application/json only allows Unicode, so this prevents from wrong charset detection.
7 years ago
alpaca-tc
db92eec876
Localize 'throttled' ( #2755 )
7 years ago
Tristan Mahé
964035b118
allow localhost to bypass the ratelimit ( #2554 )
7 years ago
Eugen
ff5baa5349
Add rate limits for logins and sign-ups by IP (5 in 5 minutes) ( #2079 )
* Add rate limits for logins and sign-ups by IP (5 in 5 minutes)
Should be enough for normal attempts
* Add rate limit for forgotten password form as well
7 years ago
Eugen Rochko
02349b3269
Obfuscate filenames better, double rate limits
7 years ago
Eugen Rochko
c0555f2db6
Don't rate-limit PuSH endpoints
8 years ago
Eugen Rochko
dda9ac9222
Fix reset date format when rate limited
8 years ago
Eugen Rochko
a9e40a3d80
Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting
to the API
8 years ago
Eugen Rochko
3b56350121
Fix #6 - Rate limit GET reqs to 300/5min, POST to 100/5min
8 years ago
Eugen Rochko
e24bfbde1a
Fixing FanOutOnWriteService, fixing Sidekiq not having enough DB connections
in the pool, adding a throttle of 60rpm per IP, adding mini profiler, adding
admin status to users
8 years ago
Eugen Rochko
e2b846f630
Adding letter opener for development and Rack::Attack for future rate limiting implementations
8 years ago