You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you provide invalid credentials it should 401, not simply fall back to unauthorized user and try to use up the rate limit for other people.
This is essentially a silent fail, and could lead to all sorts of crazy problems.
Clients not realizing their tokens are bad
Rate limit is constantly used up for the public by one company with a crap token.
etc.
I'll try and have a look but I might not get around to it as I already have about 5-6 outstanding PRs to write for 3 different projects. If anyone can dive in that would be awesome.
The text was updated successfully, but these errors were encountered:
Hey Phil I'm just looking into this now. I'm not sure what's going on here. Are you reaching your rate limit as an authenticated user then using an invalid token and getting the message?
For me if I provide an invalid token it always returns the 401 with the invalid token message.
Hey Phil I'm just looking into this now. I'm not sure what's going on here. Are you reaching your rate limit as an authenticated user then using an invalid token and getting the message?
For me if I provide an invalid token it always returns the 401 with the invalid token message.
Reply to this email directly or view it on GitHub: #62 (comment)
If you provide invalid credentials it should 401, not simply fall back to unauthorized user and try to use up the rate limit for other people.
This is essentially a silent fail, and could lead to all sorts of crazy problems.
etc.
I'll try and have a look but I might not get around to it as I already have about 5-6 outstanding PRs to write for 3 different projects. If anyone can dive in that would be awesome.
The text was updated successfully, but these errors were encountered: