Closed wtmaxim closed 2 months ago
wibu009
commented
2 months ago That sounds simpler than I expected. Perhaps we should split the requests into two streams: authenticated and anonymous. We can then analyze each stream based on IP address or user ID (if provided, since user ID is rarely set in the header).
wtmaxim
commented
2 months ago That sounds simpler than I expected. Perhaps we should split the requests into two streams: authenticated and anonymous. We can then analyze each stream based on IP address or user ID (if provided, since user ID is rarely set in the header).
@iammukeshm, any thoughts ?
iammukeshm
commented
2 months ago @wtmaxim @wibu009 User ID will be anyways available for authenticated Requests. However, just to understand, why did we use this additional 3rd party package for rate limiting? From .NET 7, Microsoft already have a Rate Limiting Middleware. Any issues using it?
I am concerned because this package was updated almost 2 years ago. It's better to use packages that are well-maintained / official.
wtmaxim
commented
2 months ago @iammukeshm Thank you for pointing that out. I apologize for the oversight; I wasn't aware that .NET 7 already includes an official Rate Limiting Middleware.
I understand the importance of using well-maintained and official packages
wtmaxim
commented
2 months ago
closes #948