Open GeoffFroh opened 6 years ago
Request-throttling: Access to the REST API is currently completely open, with no use restrictions. The API should be openly-accessible to anonymous users, but cap daily requests to a reasonable number. 10K?
http://www.django-rest-framework.org/api-guide/authentication/
Seealso https://github.com/densho/encyc-front/issues/61 https://github.com/densho/ddr-public/issues/62 https://github.com/densho/ddr-idservice/issues/9
Created separate issue for token-based auth: https://github.com/densho/encyc-rg/issues/66
Let's set the limit to 500/day
API limit set in ansible-colo commit 4a6f092.
ansible-colo
4a6f092
Request-throttling: Access to the REST API is currently completely open, with no use restrictions. The API should be openly-accessible to anonymous users, but cap daily requests to a reasonable number. 10K?
http://www.django-rest-framework.org/api-guide/authentication/
Seealso https://github.com/densho/encyc-front/issues/61 https://github.com/densho/ddr-public/issues/62 https://github.com/densho/ddr-idservice/issues/9