Add rate limiting

geneit_backend/src/controllers/auth_controller.rs

@@ -239,8 +239,18 @@ pub struct StartOpenIDLoginResponse {
 }
 
 /// Start OpenID login
-pub async fn start_openid_login(ip: RemoteIP, req: web::Json<StartOpenIDLoginQuery>) -> HttpResult {
-    let url = openid_service::start_login(&req.provider, ip.0).await?;
+pub async fn start_openid_login(
+    remote_ip: RemoteIP,
+    req: web::Json<StartOpenIDLoginQuery>,
+) -> HttpResult {
+    // Rate limiting
+    if rate_limiter_service::should_block_action(remote_ip.0, RatedAction::StartOpenIDLogin).await?
+    {
+        return Ok(HttpResponse::TooManyRequests().finish());
+    }
+    rate_limiter_service::record_action(remote_ip.0, RatedAction::StartOpenIDLogin).await?;
+
+    let url = openid_service::start_login(&req.provider, remote_ip.0).await?;
 
     Ok(HttpResponse::Ok().json(StartOpenIDLoginResponse { url }))
 }