rate limit login API

2023-07-10 00:21:48 +02:00 · 2023-07-10 00:21:48 +02:00 · c72c2bbf72
commit c72c2bbf72
parent 67e83fc2c7
1 changed files with 2 additions and 0 deletions
--- a/2
+++ b/2
@ -252,6 +252,8 @@ def apiuserinfo():
                    "error": "no authentication"
                }, 403

+
+@limiter.limit("10/minute", override_defaults=False)
@app.route("/api/login", methods=("GET", "POST"))
 def apilogin():
    usersession = request.cookies.get("session_DO_NOT_SHARE")