Issue: Implement Rate Limiting and Protection for Login Page and API Routes
Description
Currently, our login page and API routes are not rate limited or adequately protected. This vulnerability exposes our application to potential spam attacks and abuse of database calls, which could lead to performance degradation and security issues. This poses a problem if we want our API routes to be public to integrate into other projects such as Discord bots or integrations into other websites.
Objectives
Implement rate limiting on the login page to prevent brute-force attacks.
Apply rate limiting to all API routes to mitigate spam and abuse.
Ensure that the application remains user-friendly while enhancing security.
Acceptance Criteria