Rate Limit change not being effective #10025
Description
Bug report
I am still getting limited to 10 max requests per minute, even after changing the limit on extensions/users-permissions/config/policies/ratelimit.js that looks like this:
const lazyRateLimit = {
get RateLimit() {
return require('koa2-ratelimit').RateLimit;
},
};
module.exports = async (ctx, next) => {
const message = [
{
messages: [
{
id: 'Auth.form.error.ratelimit',
message: 'Too many attempts, please try again in a minute.',
},
],
},
];
return lazyRateLimit.RateLimit.middleware(
Object.assign(
{},
{
interval: 1 * 60 * 1000,
max: 100
,
prefixKey: `${ctx.request.path}:${ctx.request.ip}`,
message,
},
strapi.plugins['users-permissions'].config.ratelimit
)
)(ctx, next);
};
And just in case created a extensions/users-permissions/config/routes.json file that contains a route like this:
...,
{
"method": "POST",
"path": "/auth/local",
"handler": "Auth.callback",
"config": {
"policies": ["plugins::users-permissions.ratelimit"],
"prefix": "",
"description": "Login a user using the identifiers email and password",
"tag": {
"plugin": "users-permissions",
"name": "User"
}
}
},
...
System
- Running docker-compose configuration
- Node.js version: v12.18.2
- NPM version: 6.14.5
- Strapi version: 3.1.1
- Database: MongoDB
- Operating system: Ubuntu 20.04