ability to enable bruteforce protection for ExApp routes

nextcloud / app_api

Nextcloud AppAPI

https://apps.nextcloud.com/apps/app_api

GNU Affero General Public License v3.0

81 stars 7 forks source link

ability to enable bruteforce protection for ExApp routes #368

Closed bigcat88 closed 2 months ago

bigcat88 commented 2 months ago

<route>
    <url>^api\/w\/nextcloud\/jobs\/.*</url>
    <verb>GET,POST,PUT,DELETE</verb>
    <access_level>PUBLIC</access_level>
    <headers_to_exclude>[]</headers_to_exclude>
    <bruteforce_protection>[401, 500]</bruteforce_protection>
</route>

Looks like this. ExApps should not implement its own protection, we should provide a way to enable basic protection from Nextcloud/AppAPI side.