New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to secure API resources (e.g. user registration endpoint) #263
Comments
Hi @kgrzybek , @kmasalski , I would really appreciate your response on my question. |
@ahmedtanveer an idea would be to create some sort of middleware that logs IPs and limits the number of requests they can make. This is useful even for secured endpoints because you could have a user registering and then performing a DoS attack to your system. The registration endpoints could have stricter quotas than the normal usage ones. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
Thanks for the great piece of work.
How do you secure your APIs so that only your React client can access.
For e.g. if user registration endpoint isn't secured, anyone can post request and create unlimited users.
In this case, how you would secure the APIs, specifically, those endpoints which don't have Authorize attributes.
Really appreciate help in this regards. Thanks in advance.
The text was updated successfully, but these errors were encountered: