    d3fa93ef
    feat: add rate limiting to authentication endpoints · d3fa93ef
    Schuyler Erle authored
    Add Flask-Limiter with Redis backend to protect auth endpoints from
    brute force and credential stuffing attacks.
    
    Endpoints protected:
    - /login: 5/min per IP + 5/15min per username
    - /register, /forgot, /reset, /resend-verification: 3/min per IP
    
    Rate limits are configurable via [rate_limit] section in config.ini.
    
    Supersedes !54 and !56 with a unified implementation.
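
The two /login limits from the commit message, as an added example that is not the project's code: an in-memory sliding window stands in for Flask-Limiter and Redis, to show why the per-IP and per-username keys are checked together. The key names under `[rate_limit]` and the `count/seconds` value format are assumptions, as are the sample addresses.

```python
import configparser
import time
from collections import defaultdict, deque

# Constructed sample config. The [rate_limit] section name is from the commit
# message; the key names and "count/seconds" format are hypothetical.
SAMPLE_INI = """
[rate_limit]
login_per_ip = 5/60
login_per_username = 5/900
"""

def parse_limit(spec):
    """Turn '5/900' into (5 attempts, 900-second window)."""
    count, window = spec.split("/")
    return int(count), int(window)

class SlidingWindow:
    """Per-key attempt log; a stand-in for the shared Redis store."""
    def __init__(self, count, window):
        self.count, self.window = count, window
        self.hits = defaultdict(deque)

    def blocked(self, key, now):
        q = self.hits[key]
        while q and q[0] <= now - self.window:  # drop attempts outside the window
            q.popleft()
        return len(q) >= self.count

    def record(self, key, now):
        self.hits[key].append(now)

class LoginLimiter:
    def __init__(self, ini_text):
        cfg = configparser.ConfigParser()
        cfg.read_string(ini_text)
        sec = cfg["rate_limit"]
        self.per_ip = SlidingWindow(*parse_limit(sec["login_per_ip"]))
        self.per_user = SlidingWindow(*parse_limit(sec["login_per_username"]))

    def allow(self, ip, username, now=None):
        now = time.monotonic() if now is None else now
        # Normalise so case or whitespace variants share one username bucket.
        user = username.strip().lower()
        if self.per_ip.blocked(ip, now) or self.per_user.blocked(user, now):
            return False  # rejected attempts are not recorded in this sketch
        self.per_ip.record(ip, now)
        self.per_user.record(user, now)
        return True
```

The per-username key is what stops attempts spread across many source addresses against one account; the per-IP key covers one source cycling through many usernames.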