From c72c2bbf72f27168e1b9eeb88b8c5b5c8d64e818 Mon Sep 17 00:00:00 2001
From: maaa <no@thankyou.com>
Date: Mon, 10 Jul 2023 00:21:48 +0200
Subject: [PATCH] rate limit login API

---
 main | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/main b/main
index b102bd4..352df03 100644
--- a/main
+++ b/main
@@ -252,6 +252,8 @@ def apiuserinfo():
                     "error": "no authentication"
                 }, 403
 
+
+@limiter.limit("10/minute", override_defaults=False)
 @app.route("/api/login", methods=("GET", "POST"))
 def apilogin():
     usersession = request.cookies.get("session_DO_NOT_SHARE")