Skip to content

[FEATURE] API Authorisation and Rate-limiting #2

Open
@michaeldera

Description

@michaeldera

Is your feature request related to a problem? Please describe.
At the moment the API is public and can be compromised by bots. The API has a limit implemented through the resource it consumed. This can expose the endpoint to a DOS or the API be used for purposes other than what is intended.

Describe the solution you'd like
Each node to connect to REST API must be rate-limited and users must have accounts so that access is controlled.

Describe alternatives you've considered
Giving a secret token to each node meant to use the endpoint to avoid accounts log in.

Additional context
At the moment the API is being consumed by an extension but ideally should be built with the possibility of being used for other purposes.

Metadata

Metadata

Assignees

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions