Add brute-force protection with rate limiting on login

- Caffeine cache used to allow max 5 login attempts per minute.
- Login endpoint blocks IPs exceeding rate, returns 429 status.
- Failed attempts are reset after successful login or after 1 minute.
K
2025-07-03 02:47:19 +05:30
parent aaf5d2dbd8
commit dd52421392
3 changed files with 56 additions and 2 deletions
+5
@@ -172,6 +172,11 @@
</excludes>
</configuration>
<dependency>
<groupId>com.github.ben-manes.caffeine</groupId>
<artifactId>caffeine</artifactId>
<version>3.1.8</version>
</dependency>
</plugin>
</plugins>
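Review bot: The Caffeine `<dependency>` block sits between `</configuration>` and `</plugin>`, so it is declared inside a build plugin rather than in the project's own `<dependencies>` section. A bare `<dependency>` is not a valid direct child of `<plugin>` in the Maven POM, and even wrapped in a plugin-level `<dependencies>` element it would only be added to that plugin's classpath, not to the application code that the commit message says uses the Caffeine cache for login rate limiting. Move the block into the top-level `<dependencies>` element of the POM. If a parent POM or BOM already manages the Caffeine version, the explicit `<version>3.1.8</version>` can be dropped so the managed version applies.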