keygen-sh / keygen-api

Keygen is a fair source software licensing and distribution API built with Ruby on Rails. For developers, by developers.
https://keygen.sh

Add RACK_ATTACK_WHITELIST/BLACKLIST environment variables #850

Closed ezekg closed 1 month ago

ezekg commented 1 month ago

Related to #849. We shouldn't be hitting Redis for this limiter when it's typically only a small number of IPs that could be easily stuffed into an env var instead of Redis.

See: https://github.com/keygen-sh/keygen-api/blob/master/config/initializers/rack_attack.rb#L18

ezekg commented 1 month ago

Should we do account and IP level lists? I could see cases where an Ent customer wants to bypass the rate limiter for all IPs, and an account-level whitelist would be useful there.
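A sketch of the IP-level half of this proposal, added here as an illustration and not taken from the keygen-api code base: the lists are parsed once at boot from the environment variables named in the issue title, so the safelist/blocklist check does no Redis lookup per request. The comma/whitespace-separated value format, the helper names `parse_ip_list` and `ip_listed?`, the constants, and the rule names are assumptions of this example.

```ruby
require "ipaddr"

# Parse a list of IPs/CIDR ranges such as "203.0.113.7, 10.0.0.0/8".
# The separator format is an assumption of this example. Invalid entries
# are logged and skipped so a typo cannot silently widen a list.
def parse_ip_list(raw)
  raw.to_s.split(/[\s,]+/).reject(&:empty?).filter_map do |entry|
    IPAddr.new(entry)
  rescue IPAddr::Error
    warn "rack_attack: ignoring invalid list entry #{entry.inspect}"
    nil
  end.freeze
end

# True when the client address falls inside any listed network.
# IPv4-mapped IPv6 addresses (::ffff:a.b.c.d) are normalised first so they
# match IPv4 entries; an unparseable address never matches.
def ip_listed?(list, ip)
  addr = IPAddr.new(ip.to_s).native
  list.any? { |net| net.family == addr.family && net.include?(addr) }
rescue IPAddr::Error
  false
end

# Evaluated once at boot; an unset variable yields an empty list.
SAFELIST  = parse_ip_list(ENV["RACK_ATTACK_WHITELIST"])
BLOCKLIST = parse_ip_list(ENV["RACK_ATTACK_BLACKLIST"])

# Registered only when rack-attack is loaded (rule names are hypothetical).
if defined?(Rack::Attack)
  Rack::Attack.safelist("env/safelist")   { |req| ip_listed?(SAFELIST, req.ip) }
  Rack::Attack.blocklist("env/blocklist") { |req| ip_listed?(BLOCKLIST, req.ip) }
end
```

Because the lists are frozen at boot, changing them requires a restart or redeploy, and `req.ip` is only as trustworthy as the application's proxy configuration.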