Rate Limiting for POSTs

[horahoradev]

Context and Motivation

We need rate limiting to ensure untrusted users don't spam requests (e.g. new comments over and over).

We currently use echo on front_api; https://echo.labstack.com/docs/middleware/rate-limiter is a promising option, but we primarily want to limit POST requests, not GET requests. Cloudflare should handle GET request concerns.

Prerequisites

I'd recommend learning about the following topics before approaching this:

• Golang (going through A Tour of Go is sufficient)
• Echo (read some of the docs)
• (optional unless reimplementing from scratch): https://en.wikipedia.org/wiki/Token_bucket

• Goals

  1. Rate limit POST requests, maybe by user privilege

[Sanket-Arekar]

Hey @horahoradev I would like to work on this issue. Can you Please assign me this issue?

[horahoradev]

@Sanket-Arekar sure, are you in the Discord?

[horahoradev]

although, I think https://github.com/ravihidayat wanted this as well (can't seem to ping him)