Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce reasonable limits on API keys and Sessions per Principal #252

Merged
merged 4 commits into from
Jul 11, 2022
Merged

Enforce reasonable limits on API keys and Sessions per Principal #252

merged 4 commits into from
Jul 11, 2022

Conversation

danielballan
Copy link
Member

@danielballan danielballan commented Jul 11, 2022
edited
Loading

Put limits on the number of API keys and Sessions per Principal.

  1. Ensure that the routes which list API keys and sessions, which are not paginated, returns in a reasonable time.
  2. Avoid unintentional or intentional abuse.

Closes #250
Closes #251

@danielballan danielballan requested a review from cryos July 11, 2022 16:25
cryos
cryos approved these changes Jul 11, 2022
View reviewed changes
Copy link
Member

@cryos cryos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, I might be stingier with the default limits personally. A normal user should rarely need more than ten or twenty API keys in my opinion.

@danielballan danielballan merged commit 84cbc3d into bluesky:main Jul 11, 2022
@danielballan danielballan deleted the more-limits branch July 11, 2022 16:43
@danielballan danielballan restored the more-limits branch July 11, 2022 16:43
@danielballan danielballan deleted the more-limits branch July 11, 2022 16:43
@danielballan danielballan mentioned this pull request Jul 17, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cryos cryos cryos approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Limit Sessions per Principal Limit API keys per Principal
2 participants
@danielballan @cryos