feat(throttling): add auth throttling and structured cooldown errors

2026-04-30 15:25:45 +03:30
parent 3152284cf3
commit 08e1793765
5 changed files with 338 additions and 1 deletions


@@ -30,6 +30,12 @@ from apps.users.api.serializers import (
UserProfileSerializer,
UserSearchSerializer,
)
from apps.users.api.throttles import (
OTPLoginThrottle,
OTPSendBurstThrottle,
OTPSendSustainedThrottle,
PasswordLoginThrottle,
)
from apps.users.services.auth import (
register_user_with_password,
register_user_with_otp,
@@ -91,6 +97,7 @@ class SendOTPView(APIView):
+ password reset
"""
permission_classes = (AllowAny,)
throttle_classes = [OTPSendBurstThrottle, OTPSendSustainedThrottle]
@extend_schema(request=SendOTPSerializer, responses=None)
def post(self, request):
@@ -107,6 +114,7 @@ class SendOTPView(APIView):
class LoginView(APIView):
permission_classes = (AllowAny,)
throttle_classes = [PasswordLoginThrottle]
@extend_schema(request=LoginSerializer, responses=TokenPairSerializer)
def post(self, request):
@@ -123,6 +131,7 @@ class LoginView(APIView):
class LoginOTPView(APIView):
permission_classes = (AllowAny,)
throttle_classes = [OTPLoginThrottle]
@extend_schema(request=LoginOtpSerializer, responses=TokenPairSerializer)
def post(self, request):
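Review bot: The `throttle_classes` added on `SendOTPView`, `LoginView` and `LoginOTPView` only protect individual accounts if the classes in `apps.users.api.throttles` key on the submitted identifier (phone or username) as well as the client address; that file is not visible in this section, so please confirm what each `get_cache_key` returns. A limit keyed on the client address alone still allows unlimited guesses against one account's password or OTP when requests come from many addresses, and does not cap how many OTP messages one recipient can be sent. DRF's `SimpleRateThrottle` takes the client address from `X-Forwarded-For` according to `NUM_PROXIES` and keeps its counters in the configured cache, so both should be checked for this deployment (a per-process cache would presumably multiply the effective limit by the worker count). I would document the key next to each attribute, e.g. `# keyed on client IP + submitted phone; rates defined in settings`. The `post` bodies continue outside these hunks, and the `SendOTPView` docstring mentions password reset, so any other view that accepts an OTP should carry the same attribute.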