Currently the /api/recommend route has no rate limiting, meaning a single user could spam requests and burn through the Groq API quota quickly.
What needs to be done:
- Limit requests per IP address to prevent abuse
- Suggested limit: 10 requests per minute per IP
- Return a 429 Too Many Requests response with a clear message when the limit is exceeded
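
One way to implement the limit described above, as an added example that is not the project's own code: a sliding-window limiter keyed by client IP that allows 10 requests per minute and builds the 429 response. The names `createRateLimiter`, `check`, `sweep` and `tooManyRequests` are hypothetical. It assumes the handler passes in an IP taken from a trusted source (the socket address, or a forwarding header set by a proxy you control) and that state is held in one process, so separate server instances would each count independently.

```javascript
// Added example: sliding-window rate limiter keyed by client IP.
// createRateLimiter, check, sweep and tooManyRequests are hypothetical names.
function createRateLimiter({ limit = 10, windowMs = 60_000, now = Date.now } = {}) {
  const hits = new Map(); // ip -> timestamps (ms) of requests inside the window

  function check(ip) {
    const t = now();
    const cutoff = t - windowMs;
    // Keep only the requests that are still inside the window.
    const recent = (hits.get(ip) || []).filter((ts) => ts > cutoff);

    if (recent.length >= limit) {
      hits.set(ip, recent);
      // The oldest request leaves the window first; tell the client when.
      const retryAfterSec = Math.max(1, Math.ceil((recent[0] + windowMs - t) / 1000));
      return { allowed: false, remaining: 0, retryAfterSec };
    }
    recent.push(t);
    hits.set(ip, recent);
    return { allowed: true, remaining: limit - recent.length, retryAfterSec: 0 };
  }

  // Drop idle clients so the map cannot grow without bound; returns entries left.
  function sweep() {
    const cutoff = now() - windowMs;
    for (const [ip, stamps] of hits) {
      if (stamps[stamps.length - 1] <= cutoff) hits.delete(ip);
    }
    return hits.size;
  }

  return { check, sweep };
}

// Build the 429 response the route returns when check() denies a request.
function tooManyRequests(result) {
  return {
    status: 429,
    headers: { "Retry-After": String(result.retryAfterSec), "Content-Type": "application/json" },
    body: JSON.stringify({
      error: "Too Many Requests",
      message: `Rate limit exceeded. Try again in ${result.retryAfterSec} seconds.`,
    }),
  };
}
```

Call `check(ip)` before the Groq request is made, so denied requests never consume quota, and run `sweep()` on a timer to discard idle entries.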