NoMongo: Apply rate limiting to API endpoints #3309
Comments
|
@palisadoes assign |
github-actions
bot
added
bug
|
Our policy is to assign no more than two issues to each contributor across all repositories. This way everyone gets a chance to participate in the projects. We sometimes give exceptions for more urgent cases and sometimes we lose track, but the policy stands. You have reached your limit, please wait until your existing issues are closed before requesting more issues. You could unassign yourself from one of the other issues too. @im-vedant |
|
would like to work on this one, I have asked to unassign from two issues assigned to me |
|
Please Assign |
|
@im-vedant what are the approaches to implement the web-server rate limiting ? |
|
@im-vedant i have got that but are you applying in talawa-api? |
|
@iamanishx Yes, I am applying rate limiting to talawa api. I am not using fast rate limit. |
@im-vedant Can you confirm what you have planned to use . |
|
@im-vedant What is your proposed approach? |
|
I just saw the document.
|
https://docs.google.com/document/d/1465DpM1G1eNqJKjBjIvyvMjbnL3LcfiYPZw9fgait_Q/edit?tab=t.0 here it is |
https://docs.google.com/document/d/152l1rGiwLyLHjJwj0PQLzv2RLdS19ufE_3r3SrjZ8wg/edit?tab=t.0 |
|
PalisadoesFoundation/talawa-admin#3755 this the issue opend for this and we are working on this . a minimal fastify for making proper authorized calls in between bff server and api we will use the rate-limiting can be done properly within the |
|
@iamanishx We need to consider mobile version too. For that need to implement API rate limiting in talawa api. |
yes good point as there is no issue of cors in between mobile and api it would be better not to include the |
|
This issue did not get any activity in the past 10 days and will be closed in 180 days if no update occurs. Please check if the develop branch has fixed it and report again or close the issue. |
|
Unassigned. Inactivity |
|
@palisadoes I am working on it. Last week my exams were going on. I have made significant progress. Will raise a pr in 2-3 days. |
Overview
We created a hosted Test Website for us to evaluate the application's develop-postgres branch.
The implementation of this site exposed many shortcomings which are documented in our Talawa Security Improvements - 2025 document.
This is one of the action plan issues in that document.
This issue requires someone with very good knowledge of the code base
This includes:
Describe the bug
Currently, Talawa API does not have API rate limiting.
Expected behavior
https://docs.google.com/document/d/16fJEZQHzji_RuarBn-33UvFYUh78ERZPKRFyTnvxyxc/edit?tab=t.0
Additional details
You will need to submit multiple PRs to get this done:
The text was updated successfully, but these errors were encountered: