supertokens / supertokens-core

Open source alternative to Auth0 / Firebase Auth / AWS Cognito
https://supertokens.com

Add rate limiting to certain APIs #163

Open rishabhpoddar opened 3 years ago

rishabhpoddar commented 3 years ago

The above should be enforced per device / session?

ITenthusiasm commented 9 months ago

I'm working on adding rate limiting to an existing Remix application, and I was thinking of adding my findings to the remix-supertokens repo in case it would be of interest. (I'm using a package for this, so the example code for Remix + SuperTokens will still be pretty simple -- which benefits developers trying to understand how the integration works.)

If SuperTokens somehow supports this out of the box (including for its withoutRequestResponse functions), that would be amazing. If it supports this, but not for withoutRequestResponse functions, then a way to identify devices could potentially be helpful (if it wouldn't be a burden or out of scope for the SuperTokens team).

Not pushing this GitHub Issue as an emergency. Just sharing my thoughts and what I'm currently working on.