To prevent users from writing their own bots to abuse the API, some sort of rate limiting needs to be implemented for actions that require users to be logged in. This could be as simple as keeping track of the user's last write action, and preventing any further write action that occurs before a (short) delay has passed.
To prevent users from writing their own bots to abuse the API, some sort of rate limiting needs to be implemented for actions that require users to be logged in. This could be as simple as keeping track of the user's last write action, and preventing any further write action that occurs before a (short) delay has passed.