Rate Limit doesn't work for /send-verification-email
I am trying to configure rate limiting in Next.js, but for some reason it doesn't work. I tried in both dev and prod environments, with the following config:
rateLimit: {
enabled: true,
customRules: {
...
'/send-verification-email': {
window: 300,
max: 1,
},
},
}
Didn't work. Then I tried setting storage type to database by providing the following additional props:
storage: 'database',
modelName: 'rateLimit'
With the following prisma model:
model RateLimit {
id String @id @default(uuid()) @db.Uuid
key String
count Int
lastRequest BigInt @map("last_request")
@@map("rate_limits")
}
Still nothing
Also, where do I get a list of endpoints such as '/send-verification-email'? I tried searching in the docs, but couldn't find any mention of these.Solution:Jump to solution
Okay apparently calling
auth.api.sendVerificationEmail from server bypasses the rate limitations, it only works when request is coming from the client using authClient.sendVerificationEmail1 Reply
Solution
Okay apparently calling
auth.api.sendVerificationEmail from server bypasses the rate limitations, it only works when request is coming from the client using authClient.sendVerificationEmail