Add rate limiting for passwordless approval requests #44

@guysmoilov

Problem

There is no rate limiting on the passwordless connection approval flow. A malicious client could spam pending connection requests to flood the operator's TUI with approval prompts.

Proposed solution

  • Track approval attempt counts per IP address
  • After N failed/denied attempts within a window, reject new approval requests from that IP with auth_error
  • Simple in-memory tracking is sufficient (resets on server restart)

Suggested defaults

  • Max 5 pending/denied attempts per IP per 10 minutes
  • Configurable via CLI flags: --approval-rate-limit <count> and --approval-rate-window <seconds>

Notes

This is especially important for publicly exposed instances where the approval flow is used as the primary access mechanism.
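
A sketch of the proposed per-IP limiter, added here as an illustration and not taken from the project's code. The class and function names, the `pending_approval` return value and the periodic `sweep()` are assumptions; the defaults (5 attempts per 600 seconds) and the `auth_error` rejection come from the issue.

```python
import time
from collections import defaultdict, deque


class ApprovalRateLimiter:
    """Sliding-window counter of pending/denied approval attempts per IP."""

    def __init__(self, limit=5, window=600.0, clock=time.monotonic):
        self.limit = limit          # --approval-rate-limit <count>
        self.window = window        # --approval-rate-window <seconds>
        self.clock = clock          # injectable so tests need not sleep
        self._attempts = defaultdict(deque)  # ip -> attempt timestamps

    def _expire(self, ip, now):
        """Drop timestamps older than the window; return the live count."""
        q = self._attempts.get(ip)
        if q is None:
            return 0
        while q and now - q[0] >= self.window:
            q.popleft()
        if not q:
            del self._attempts[ip]  # keep memory bounded by active IPs
            return 0
        return len(q)

    def allow(self, ip):
        """True if a new approval request from ip may reach the operator."""
        return self._expire(ip, self.clock()) < self.limit

    def record(self, ip):
        """Count one pending or denied attempt against ip."""
        now = self.clock()
        self._expire(ip, now)
        self._attempts[ip].append(now)

    def sweep(self):
        """Drop idle IPs; call periodically so one-shot IPs do not pile up."""
        now = self.clock()
        for ip in list(self._attempts):
            self._expire(ip, now)
        return len(self._attempts)


def handle_request(limiter, ip):
    """Hypothetical server hook: returns the response type for a request."""
    if not limiter.allow(ip):
        return "auth_error"         # rejected before any TUI prompt
    limiter.record(ip)              # counted as pending until decided
    return "pending_approval"
```

Rejected requests are not recorded, so a blocked IP regains access once its earlier attempts age out of the window rather than extending its own block indefinitely.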

    Labels

    • area:auth: Authentication and access control
    • area:backend: Backend/server code
    • area:network: Connections and client networking
    • area:security: Security-sensitive behavior
    • enhancement: New feature or request
