Open tushar5526 opened 7 months ago
Hi! Important Details - These following details are helpful for contributors to effectively identify and contribute to tickets.
Please update the ticket
Hello @tushar5526 @ChakshuGautam , can you please assign this issue and mentor me regarding the same?
@tushar5526 @ChakshuGautam Are we avoiding IP addresses because in most of the cases it does not only identifies it as a person, but rather a router which possibly may contain every individual connected with the router to be rate-limited.
Do we need to just add a fingerprint layer (like a auth) over api-requests? Ref: https://dev.fingerprint.com/docs/fingerprintjs-pro-server-api-nodejs-sdk
@tushar5526 @techsavvyash
@techsavvyash @Savio629 Can we take this ahead?
Ticket Contents
Description
Sanity check on application ids being used in requests. Rate-limiting based on fingerprints to prevent DDoS or exploitation of sendOTP APIs
Goals
Goals
Expected Outcome
No response
Acceptance Criteria
No response
Implementation Details
Rate limiting can be done using a fingerprint library as we can't rate-limit based on the public IPs.
Mockups/Wireframes
No response
Product Name
Stencil
Organisation Name
SamagraX
Domain
No response
Tech Skills Needed
NestJS
Mentor(s)
@ChakshuGautam @tushar5526
Complexity
Medium
Category
Other