Error, too many requests on account login resume


We are having problems with users reporting that they are logged out randomly and have a hunch that it may have something to do with the following error (seen in Galaxy APM):

Trace Explorer : Error, too many requests. Please slow down. You must wait 2 seconds before trying again. [too-many-requests]

Method - login

  • userId : xML8MN5IDnAeTBygk
  • params : [{"resume":"kGBbi9bSE7gU-Yy7OzUVB-jOPF4lsXgUG-VkbswUO3q"}]

We know that the error is thrown by the Accounts DDPRateLimiter, which is why we have tried implementing a custom rate limiter rule for login which is less strict. This has not solved the problem.

We are on Meteor 2.6 and use accounts-password@2.2.0.

Any ideas for how to trace down the source or to fix this are highly appreciated. Thanks :slight_smile:

We are also getting this. I believe there is a need to fix this within Meteor i.e. add a debounce function when calling the login method during autologin using login tokens

Interesting @rjdavid

So do you think the problem would be solved if we where able to add a debounce function to the resume login function ourselves? I believed that would be possible somehow.

Do you have any idea of what causes the login function to be called too many time in the first place?


The real fix will be to prevent the actual multiple calls triggering the resume function. Although I don’t know much of that part of Meteor to really provide an answer. So the most generic solution I can think is to debounce the resume function

I am using the default code and it’s working fine on my own servers, maybe this is platform related?

I was wondering if it could be some kind of client side loop, but I have not been able to reproduce the error.

We have now added custom logging to the Accounts.onLogin callback when type is “resume”, to get some more details about the specific login resume when the error happens.

I’ll keep you posted about our findings :slight_smile:

1 Like

Should you be using onLoginFailure()?

Good point, I’ll look into that.

Also maybe a workaround could be to use onLogout Accounts (multi-server) | Meteor API Docs to detect those users logged out by the server and then logging them in again, if it was caused by the rate limiter problem.