code4romania / de-urgenta-backend

De Urgență backend - web & mobile
https://de-urgenta-backend.vercel.app/
Mozilla Public License 2.0

added throttling for register method to prevent batch e-mail checks +… #154

Closed Alexei000 closed 2 years ago

Alexei000 commented 2 years ago

… return http error status code on already existing e-mail

What does it fix?

Closes #61

This tries to allow the API to inform the client(s) that an e-mail is already used, but prevent a malicious actor from checking many e-mail addresses. This is done by using IP rate-limiting via the AspNetCoreRateLimit library.

However, I am not sure about returning a Conflict response for existing e-mails. The alternative would be returning OK, but this requires a breaking change for the response payload model since now it is just a string.

How has it been tested?

Currently, I have performed only some manual checks and it works as expected.
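The wiring the PR describes, as an added illustration rather than the PR's own diff: per-IP rate limiting through AspNetCoreRateLimit scoped to the register endpoint, with the controller returning 409 Conflict for an already registered e-mail. The endpoint path `/api/auth/register`, the limit of 5 requests per minute, the `RegisterRequest` payload and the `IUserRepository` abstraction are assumptions; the AspNetCoreRateLimit registration and middleware calls are the library's documented API.

```csharp
// Added example, not the PR's diff. Endpoint path, limit, payload and repository
// abstraction are assumptions; the AspNetCoreRateLimit calls are the library's own API.
// appsettings.json (assumed values):
// "IpRateLimiting": {
//   "EnableEndpointRateLimiting": true,   // rules match per endpoint, not globally
//   "RealIpHeader": "X-Real-IP",          // behind a reverse proxy, key on the client, not the proxy
//   "HttpStatusCode": 429,
//   "GeneralRules": [ { "Endpoint": "post:/api/auth/register", "Period": "1m", "Limit": 5 } ]
// }
using System.Threading.Tasks;
using AspNetCoreRateLimit;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddMemoryCache(); // per-IP request counters are stored here
builder.Services.Configure<IpRateLimitOptions>(builder.Configuration.GetSection("IpRateLimiting"));
builder.Services.AddInMemoryRateLimiting();
builder.Services.AddSingleton<IRateLimitConfiguration, RateLimitConfiguration>();
builder.Services.AddControllers();

var app = builder.Build();
app.UseIpRateLimiting(); // first in the pipeline: throttled requests never reach the controller
app.MapControllers();
app.Run();

public record RegisterRequest(string Email, string Password); // assumed payload
public interface IUserRepository { Task<bool> ExistsByEmailAsync(string email); } // assumed

[ApiController, Route("api/auth")]
public class AuthController : ControllerBase
{
    private readonly IUserRepository _users;
    public AuthController(IUserRepository users) => _users = users;

    [HttpPost("register")]
    public async Task<IActionResult> Register([FromBody] RegisterRequest request)
    {
        // Within the limit a client is told the e-mail is taken (409); beyond it the
        // middleware answers 429 before this runs, so bulk e-mail checks are throttled.
        if (await _users.ExistsByEmailAsync(request.Email))
            return Conflict("E-mail address already registered");
        return Ok("Registered");
    }
}
```

Without `RealIpHeader` (or forwarded-headers middleware) set correctly behind a proxy, every client shares the proxy's address and the limit throttles all registrations at once while doing nothing against a single enumerating client.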