Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement rate limiter on reset password #5103

Closed
wants to merge 5 commits into from
Closed

Implement rate limiter on reset password #5103

wants to merge 5 commits into from

Conversation

TiBiBa
Copy link
Collaborator

@TiBiBa TiBiBa commented Feb 8, 2024

This PR fixes #5102.

@TiBiBa TiBiBa marked this pull request as draft February 8, 2024 17:07
@ghost
Copy link

ghost commented Feb 8, 2024

👇 Click on the image for a new way to code review

Review these changes using an interactive CodeSee Map

Legend

CodeSee Map legend

requirements.txt Outdated
@@ -28,10 +28,11 @@ turtlethread>=0.0.6
pygame==2.1.2
pre-commit==2.20.0
babel==2.14.0
jinja-partials==0.1.1
jinja-partials==0.1.1clea
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suspect this is a typo @TiBiBa? Did you mean just to leave it at 0.1.1 or is there another version needed?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is a typo, will look into this. We should also decide on a nice test case, but that might be easy to fix on Alpha.

@Felienne
Copy link
Member

Here is another old left over PR from the hackathon that could be either closed or finished?

@Felienne Felienne assigned jpelay and hasan-sh and unassigned jpelay Mar 19, 2024
# Implement the rate limiter
limiter = Limiter(
get_remote_address,
storage_uri="memory://",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I managed to get the limiter working, but for us to make this really work on production we'd have to use a persistent storage solution, like memcached, redis or MongoDB. Now, all of these solutions come at a cost, since as far as I can tell, we'd need to pay a cloud provider for this (e.g; Memcached Cloud), with varying costs. @TiBiBa Did you have something in mind when opening this PR about this, do you know a way to fire a memcached server on Heroky without incurring on costs?

@jpelay jpelay added the backend Issues or PRs related with the backend of Hedy, especially in relation to the website and database. label Jul 31, 2024
@jpelay jpelay closed this Nov 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backend Issues or PRs related with the backend of Hedy, especially in relation to the website and database.
Projects
Status: ToBeDiscussed
Development

Successfully merging this pull request may close these issues.

💻 Implement a request rate limiter
4 participants