Open daebak74 opened 4 years ago
ocram
commented
4 years ago Thank you!
So we can either use the existing APP_DEBUG (negated) here, which is already used in a few places, or introduce a new APP_THROTTLING option.
I’m not sure yet which is better. But you seem to prefer the second solution, right?
Isn’t the question basically whether you ever want an application (a) in production without throttling or (b) in development with throttling enabled?
daebak74
commented
4 years ago Certainly a library without throttling in production is meaningless. But since all your libraries have a very vast degree of customization I would opt for the second option then default (enabled) and add a new method to decide to disable it. (development and / or production) as is now in Auth library.
ocram
commented
4 years ago Okay, so the plan would be to add APP_THROTTLING=1 (default) or APP_THROTTLING=0 in config/.env as a new setting.
This could be a good solution at the end if someone would disable the Throttling should already possible omit the function (selector, token) and this should to work for all the auth functions. is it correct ?
If no I think that is better to give the possibility to disable separately of debug mode.
Anyway I am sure you'll find the right solution for to keep the library flexible.
Thanks.