feat: replace fixed login rate limit with progressive lockout

Made-with: Cursor
2026-03-04 17:55:25 +03:00
parent e3d7f1d24c
commit dcc4fd370a
5 changed files with 141 additions and 15 deletions
--- a/.env.example
+++ b/.env.example
@@ -23,8 +23,7 @@ LLM_MAX_RETRIES=1
 LLM_TEMPERATURE=0.7
 LLM_MAX_TOKENS=2048

-# Rate limits
-RATE_LIMIT_LOGIN=5
+# Rate limits (login uses progressive lockout: 5/10/20 failed attempts -> 15m/1h/24h block)
 RATE_LIMIT_REGISTER=3
 RATE_LIMIT_FORGOT_PASSWORD=3
 RATE_LIMIT_VERIFY_EMAIL=5