Eugen Rochko
a865b62efc
Rate limit by user instead of IP when API user is authenticated ( #5923 )
...
* Fix #668 - Rate limit by user instead of IP when API user is authenticated
* Fix code style issue
* Use request decorator provided by Doorkeeper
2017-12-09 14:20:02 +01:00
unarist
b42c018bb8
Add Content-Type header on throttled response to fix mojibake ( #4558 )
...
application/json only allows Unicode, so this prevents from wrong charset detection.
2017-08-08 15:47:35 +02:00
alpaca-tc
db92eec876
Localize 'throttled' ( #2755 )
2017-05-03 23:36:19 +02:00
Tristan Mahé
964035b118
allow localhost to bypass the ratelimit ( #2554 )
2017-04-30 00:27:49 +02:00
Eugen
ff5baa5349
Add rate limits for logins and sign-ups by IP (5 in 5 minutes) ( #2079 )
...
* Add rate limits for logins and sign-ups by IP (5 in 5 minutes)
Should be enough for normal attempts
* Add rate limit for forgotten password form as well
2017-04-18 22:29:14 +02:00