nsensfel
commented
5 years ago Single IP per session + single concurrent access to /handler/ per IP (https://github.com/nsensfel/tacticians-client/commit/eb9812b0bb2c32e4ae2fac7fe9db09329aec9975) is likely insufficient if A closes the first connection fast enough. A local timed lock might still be required.
Consider that player A sends a valid "character turn" query. By sending them fast enough, player A might be able to have the handling server deal multiple "character turn" queries in parallel.
From a cache perspective, only the last valid "character turn" will be taken into account (which is fine), but each query will also trigger a DB update. As a result, the DB will have something similar to having the effects of all queries combined.