ewallet icon indicating copy to clipboard operation
ewallet copied to clipboard

Published 20 hours ago verified publisher icon omgnetwork

Implement rate limit on logins

Open mederic-p opened this issue 5 years ago • 1 comments

We should have a system to limit the number of login tries with wrong passwords. TODO: Explore different methods

mederic-p avatar Apr 23 '19 10:04 mederic-p

From team discussion:

  • We could make a plug for that and plug it into all public endpoints, which should be conveniently grouped as public/authed endpoints already.
  • Set a new configuration (rate_limit). Have a GenServer running that records requests per IP (?) and start blocking them. This GenServer would be a singleton across the entire cluster.

unnawut avatar Jun 24 '19 11:06 unnawut