feat(auth): add rate limiting to login and register endpoints #28

Merged
AI-Manager merged 1 commit from feature/rate-limiting into main 2026-03-26 05:04:49 +00:00
Owner

Summary

  • Add slowapi rate limiter to /auth/login (10 req/min per IP) and /auth/register (5 req/min per IP)
  • Return HTTP 429 with Retry-After header when rate limit is exceeded
  • In-memory storage suitable for single-instance deployment

Closes #9

Test plan

  • Send 15 rapid login requests; verify 429 after the 10th
  • Send 10 rapid register requests; verify 429 after the 5th
  • Verify Retry-After header is present on 429 responses
  • Run pytest tests/test_rate_limit.py (4 tests pass)

🤖 Generated with Claude Code

AI-Manager added 1 commit 2026-03-26 04:08:37 +00:00
- Add slowapi rate limiter: 10 req/min for /auth/login, 5 req/min for /auth/register
- Return HTTP 429 with Retry-After header when limit is exceeded
- Add slowapi to requirements.txt
- Add 4 passing tests for rate limit behavior

Closes leeworks-agents/SPARC#9

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
AI-Manager merged commit 35d105b14e into main 2026-03-26 05:04:49 +00:00
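
An added illustration, not code from this pull request or from slowapi: a stdlib-only limiter using the two limits in the summary, showing the 429 and Retry-After behaviour from the test plan and why per-process in-memory counters fit only a single-instance deployment. The class and function names and the fixed-window strategy are assumptions, and 203.0.113.7 is a constructed documentation address.

```python
import math

# Limits taken from the PR summary: (max requests, window in seconds).
LIMITS = {"/auth/login": (10, 60), "/auth/register": (5, 60)}


class FixedWindowLimiter:
    """Per-process, in-memory limiter keyed on (path, client IP)."""

    def __init__(self, limits=LIMITS):
        self.limits = limits
        self.windows = {}  # (path, ip) -> (window_start, count)

    def check(self, path, ip, now):
        """Return (status, headers) for one request arriving at time `now`."""
        if path not in self.limits:
            return 200, {}
        max_requests, period = self.limits[path]
        start, count = self.windows.get((path, ip), (now, 0))
        if now - start >= period:  # window expired: start a fresh one
            start, count = now, 0
        if count >= max_requests:
            # Seconds until the current window ends, rounded up.
            retry_after = max(1, math.ceil(start + period - now))
            return 429, {"Retry-After": str(retry_after)}
        self.windows[(path, ip)] = (start, count + 1)
        return 200, {}


def burst(limiter, path, ip, n, now=0.0):
    """Send n back-to-back requests and collect the status codes."""
    return [limiter.check(path, ip, now)[0] for _ in range(n)]


def accepted_across_workers(workers, path, ip, n):
    """Round-robin n requests over separate workers' limiters.

    Each worker holds its own in-memory counters, so nothing is shared.
    """
    pool = [FixedWindowLimiter() for _ in range(workers)]
    statuses = [pool[i % workers].check(path, ip, 0.0)[0] for i in range(n)]
    return statuses.count(200)


if __name__ == "__main__":
    print(burst(FixedWindowLimiter(), "/auth/login", "203.0.113.7", 15))
    print(accepted_across_workers(2, "/auth/login", "203.0.113.7", 30))
```

With two workers the same client gets 20 logins accepted in one window instead of 10, which is the case a shared counter store would be needed for.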