From 5b5d1f32b72930d170461b8e55c442c1118ac0a8 Mon Sep 17 00:00:00 2001
From: Andrew Tomaka <atomaka@atomaka.com>
Date: Thu, 16 Jan 2025 22:19:35 -0500
Subject: [PATCH] Try out new Rails rate limiting (#53)

Reviewed-on: https://git.atomaka.com/atomaka/budget/pulls/53
---
 app/controllers/sessions_controller.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 3bf7328..cd3ab5d 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -1,5 +1,6 @@
 class SessionsController < ApplicationController
   require_unregistered_user only: %i[new create]
+  rate_limit to: 5, within: 1.minute, only: :create, with: -> { redirect_to new_session_url, alert: "Cannot currently login" }
   # GET /sessions/new
   def new
     @session = Session.new