Closed wtmaxim closed 2 months ago
That sounds simpler than I expected. Perhaps we should split the requests into two streams: authenticated and anonymous. We can then analyze each stream based on IP address or user ID (if provided, since user ID is rarely set in the header).
That sounds simpler than I expected. Perhaps we should split the requests into two streams: authenticated and anonymous. We can then analyze each stream based on IP address or user ID (if provided, since user ID is rarely set in the header).
@iammukeshm, any thoughts ?
@wtmaxim @wibu009 User ID will be anyways available for authenticated Requests. However, just to understand, why did we use this additional 3rd party package for rate limiting? From .NET 7, Microsoft already have a Rate Limiting Middleware. Any issues using it?
I am concerned because this package was updated almost 2 years ago. It's better to use packages that are well-maintained / official.
@iammukeshm Thank you for pointing that out. I apologize for the oversight; I wasn't aware that .NET 7 already includes an official Rate Limiting Middleware.
I understand the importance of using well-maintained and official packages
closes #948