Hi,
I am trying to use the rate limiter to enforce a max 6 login attempts per 5 minutes.
I changed the default rule, and it works, except that when refreshing the page the limits are resets.
Is it possible to make the rate limit survive a page refresh?
clientAddress seems to be possible too, but for big organization it’s a problem since more than 6 people (using the same IP) could login in that window.
Is there a way to make the connectionId persist across refreshes?
DDPRateLimiter.addRule({
userId: null,
clientAddress: ip => true,
type: 'method',
name: 'login',
connectionId: connectionId => true,
}, 5, 6000);
Thanks