From f6178c1c4c374670a105e866e1eba821e1d4ee57 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Jochum?= <rene@jochum.dev>
Date: Sat, 24 Sep 2022 09:15:33 +0200
Subject: [PATCH] Improve rate limits

---
 cmd/microauth2sqld/main.go | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/cmd/microauth2sqld/main.go b/cmd/microauth2sqld/main.go
index 616f6e3..d26c90a 100644
--- a/cmd/microauth2sqld/main.go
+++ b/cmd/microauth2sqld/main.go
@@ -324,8 +324,7 @@ func main() {
 					router.Endpoint(authpb.AuthService.List),
 					router.Params("limit", "offset"),
 					router.AuthRequired(),
-					router.RatelimitClientIP("1-M"),
-					router.RatelimitUser("1-M"),
+					router.RatelimitUser("1-S", "10-M"),
 				),
 				router.NewRoute(
 					router.Method(router.MethodPost),
@@ -344,7 +343,6 @@ func main() {
 					router.Path("/refresh"),
 					router.Endpoint(authpb.AuthService.Refresh),
 					router.RatelimitClientIP("1-M", "10-H", "50-D"),
-					router.RatelimitUser("1-M", "10-H", "50-D"),
 				),
 				router.NewRoute(
 					router.Method(router.MethodDelete),
@@ -352,7 +350,6 @@ func main() {
 					router.Endpoint(authpb.AuthService.Delete),
 					router.Params("userId"),
 					router.AuthRequired(),
-					router.RatelimitClientIP("1-S", "10-M"),
 					router.RatelimitUser("1-S", "10-M"),
 				),
 				router.NewRoute(
@@ -361,7 +358,6 @@ func main() {
 					router.Endpoint(authpb.AuthService.Detail),
 					router.Params("userId"),
 					router.AuthRequired(),
-					router.RatelimitClientIP("100-M"),
 					router.RatelimitUser("100-M"),
 				),
 				router.NewRoute(
@@ -370,7 +366,6 @@ func main() {
 					router.Endpoint(authpb.AuthService.UpdateRoles),
 					router.Params("userId"),
 					router.AuthRequired(),
-					router.RatelimitClientIP("1-M"),
 					router.RatelimitUser("1-M"),
 				),
 			)