end
def api_throttle_data
- request.env['rack.attack.throttle_data']['throttle_authenticated_api'] ||
- request.env['rack.attack.throttle_data']['throttle_unauthenticated_api']
+ most_limited_type, = request.env['rack.attack.throttle_data'].min_by { |_, v| v[:limit] }
+ request.env['rack.attack.throttle_data'][most_limited_type]
end
def request_time
req.api_request? && req.authenticated_user_id
end
- throttle('throttle_unauthenticated_api', limit: 300, period: 5.minutes) do |req|
- req.ip if req.api_request? && req.unauthenticated?
+ throttle('throttle_unauthenticated_api', limit: 7_500, period: 5.minutes) do |req|
+ req.ip if req.api_request?
end
throttle('protected_paths', limit: 5, period: 5.minutes) do |req|
cat aescling's git repositories / mastodon.git / commitdiff