You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We currently have a number of issue with rate limiting, in login, admin or invite forms.
@0livd implemented a custom made LoginThrottler in #249 that served well, but is limited. I open this discussion to the usage of https://flask-limiter.readthedocs.io/en/stable/index.html This has the main drawbacks of adding more dependencies to the project, but can effectively increase the security for every user.
@0livd do you have an opinion on this new dependency, since your code will be obsolete in the case we use Flask-Limiter? And for everyone, do you have experience with this? Otherwise, I am willing to perform some tests with this.
The text was updated successfully, but these errors were encountered:
Hey, thanks for opening this. Using Flask-Limiter seems a good way to move forward on this. It's easy enough and seems maintained. It's okay to have one more dependency for stuff like this in my opinion.
We currently have a number of issue with rate limiting, in login, admin or invite forms.
@0livd implemented a custom made
LoginThrottler
in #249 that served well, but is limited. I open this discussion to the usage of https://flask-limiter.readthedocs.io/en/stable/index.html This has the main drawbacks of adding more dependencies to the project, but can effectively increase the security for every user.@0livd do you have an opinion on this new dependency, since your code will be obsolete in the case we use
Flask-Limiter
? And for everyone, do you have experience with this? Otherwise, I am willing to perform some tests with this.The text was updated successfully, but these errors were encountered: