add DRF throttle scopes to relevant rest auth views

steverecio · steverecio · commit 596cbee153b7 · 2020-01-10T17:47:54.000-05:00
diff --git a/rest_auth/registration/views.py b/rest_auth/registration/views.py
@@ -40,6 +40,7 @@ class RegisterView(CreateAPIView):
     serializer_class = RegisterSerializer
     permission_classes = register_permission_classes()
     token_model = TokenModel
+    throttle_scope = 'rest_auth'
 
     @sensitive_post_parameters_m
     def dispatch(self, *args, **kwargs):
diff --git a/rest_auth/views.py b/rest_auth/views.py
@@ -43,6 +43,7 @@ class LoginView(GenericAPIView):
     permission_classes = (AllowAny,)
     serializer_class = LoginSerializer
     token_model = TokenModel
+    throttle_scope = 'rest_auth'
 
     @sensitive_post_parameters_m
     def dispatch(self, *args, **kwargs):
@@ -114,6 +115,7 @@ class LogoutView(APIView):
     Accepts/Returns nothing.
     """
     permission_classes = (AllowAny,)
+    throttle_scope = 'rest_auth'
 
     def get(self, request, *args, **kwargs):
         if getattr(settings, 'ACCOUNT_LOGOUT_ON_GET', False):
@@ -178,6 +180,7 @@ class PasswordResetView(GenericAPIView):
     """
     serializer_class = PasswordResetSerializer
     permission_classes = (AllowAny,)
+    throttle_scope = 'rest_auth'
 
     def post(self, request, *args, **kwargs):
         # Create a serializer with request.data
@@ -203,6 +206,7 @@ class PasswordResetConfirmView(GenericAPIView):
     """
     serializer_class = PasswordResetConfirmSerializer
     permission_classes = (AllowAny,)
+    throttle_scope = 'rest_auth'
 
     @sensitive_post_parameters_m
     def dispatch(self, *args, **kwargs):
@@ -226,6 +230,7 @@ class PasswordChangeView(GenericAPIView):
     """
     serializer_class = PasswordChangeSerializer
     permission_classes = (IsAuthenticated,)
+    throttle_scope = 'rest_auth'
 
     @sensitive_post_parameters_m
     def dispatch(self, *args, **kwargs):
