nemunaire/chldapasswd
1
0
Fork 0
Code Issues Pull requests Releases Activity
49 commits 1 branch 0 tags 293 KiB
Commit graph

3 commits

Author SHA1 Message Date
Pierre-Olivier Mercier
2a9eec233a fix(security): add per-IP rate limiting to all authentication endpoints 
Implement sliding window rate limiter to prevent brute-force attacks:
- /auth and /login: 20 requests/minute per IP
- /change: 10 POST requests/minute per IP
- /lost: 5 POST requests/minute per IP (prevents email spam and user enumeration)
- /reset: 10 POST requests/minute per IP
- /api/v1/aliases: 30 requests/minute per IP

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-06 15:30:48 +07:00
Pierre-Olivier Mercier
65d0d4a53e Can delete own aliases 2026-03-06 15:30:48 +07:00
Pierre-Olivier Mercier
e6a4271a75 Add an API compatibly with addy.io to generate aliases
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-05-31 16:19:53 +02:00