From 328019e438a7e9c9b3c5f3f96b60da0d45c22d48 Mon Sep 17 00:00:00 2001
From: spinline <bilal.karatatr.@gmail.com>
Date: Sun, 8 Feb 2026 13:59:08 +0300
Subject: [PATCH] =?UTF-8?q?fix:=20login=20rate=20limit=20ayarlar=C4=B1=20d?=
 =?UTF-8?q?aha=20kat=C4=B1=20hale=20getirildi?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/src/rate_limit.rs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/backend/src/rate_limit.rs b/backend/src/rate_limit.rs
index 91e5979..af83480 100644
--- a/backend/src/rate_limit.rs
+++ b/backend/src/rate_limit.rs
@@ -5,10 +5,13 @@ use tower_governor::governor::GovernorConfigBuilder;
 use tower_governor::key_extractor::SmartIpKeyExtractor;
 
 pub fn get_login_rate_limit_config() -> GovernorConfig<SmartIpKeyExtractor, NoOpMiddleware<QuantaInstant>> {
+    // 20 saniyede bir yeni hak verilir (dakikada 3 istek).
+    // Başlangıçta 3 isteklik bir patlama (burst) hakkı tanınır.
+    // Kullanıcı 3 kere hızlıca deneyebilir, 4. deneme için 20 saniye beklemesi gerekir.
     GovernorConfigBuilder::default()
         .key_extractor(SmartIpKeyExtractor)
-        .per_second(1)
-        .burst_size(5)
+        .per_second(20)
+        .burst_size(3)
         .finish()
         .unwrap()
 }
\ No newline at end of file