Add rate limiting to login endpoint
Security: - Add slowapi dependency for rate limiting - Create rate_limit.py module with configurable limits - Apply 5 requests/minute limit to login endpoint - Make rate limit configurable via ORCHARD_LOGIN_RATE_LIMIT env var Testing: - Set high rate limit (1000/min) in docker-compose.local.yml for tests - All 265 tests pass
This commit is contained in:
Mondo Diaz
@@ -10,6 +10,7 @@ pydantic-settings==2.1.0
|
||||
python-jose[cryptography]==3.3.0
|
||||
passlib[bcrypt]==1.7.4
|
||||
bcrypt==4.0.1
|
||||
slowapi==0.1.9
|
||||
|
||||
# Test dependencies
|
||||
pytest>=7.4.0
|
||||
|
||||
Reference in New Issue
Block a user