-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TASK : run check on excessive login/logouts #120
Labels
enhancement
New feature or request
Comments
Also we have to
|
Been thinking about this more and this actually would lend itself WELL as form of 'dynamic rate limiting' where we scale down the rate for requests if they login/logout several times
|
orubel
added
enhancement
New feature or request
and removed
bug
Something isn't working
labels
Jun 23, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
people may attempt login/logout to attempt to bypass functionality
This is an immediate flag for attempted hacking.
If we add a ratelimit to login attempts this will help reduce attempts.
for example:
so ...
We store 'lockTime' & 'numberofoccurencesas with User domain
We can add ROLES that bypass the check(ie ROLE_TEST, ROLE_ADMIN)
The text was updated successfully, but these errors were encountered: