From ff03fd3faab132ec7420911bdcc0e407a21e7d63 Mon Sep 17 00:00:00 2001
From: Vignesh Rao <svignesh1793@gmail.com>
Date: Tue, 17 Sep 2024 22:08:53 -0500
Subject: [PATCH] Add IP whitelisting functionality Restructure OAuth process
 Fix lazy check and improve datastructure on rate limiting

---
 docs/genindex.html     |  17 ++++++++----
 docs/index.html        |  35 ++++++++++--------------
 docs/objects.inv       | Bin 882 -> 889 bytes
 docs/searchindex.js    |   2 +-
 vaultapi/auth.py       |   9 +++++++
 vaultapi/main.py       |  10 ++++++-
 vaultapi/models.py     |  60 ++++++++++++++++++++---------------------
 vaultapi/rate_limit.py |  54 +++++++++++++++++++------------------
 8 files changed, 102 insertions(+), 85 deletions(-)

diff --git a/docs/genindex.html b/docs/genindex.html
index a97f144..7b7a176 100644
--- a/docs/genindex.html
+++ b/docs/genindex.html
@@ -42,7 +42,8 @@ <h3>Navigation</h3>
 <h1 id="index">Index</h1>
 
 <div class="genindex-jumpbox">
- <a href="#A"><strong>A</strong></a>
+ <a href="#_"><strong>_</strong></a>
+ | <a href="#A"><strong>A</strong></a>
  | <a href="#C"><strong>C</strong></a>
  | <a href="#D"><strong>D</strong></a>
  | <a href="#E"><strong>E</strong></a>
@@ -61,6 +62,14 @@ <h1 id="index">Index</h1>
  | <a href="#W"><strong>W</strong></a>
  
 </div>
+<h2 id="_">_</h2>
+<table style="width: 100%" class="indextable genindextable"><tr>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="index.html#vaultapi.rate_limit._get_identifier">_get_identifier() (in module vaultapi.rate_limit)</a>
+</li>
+  </ul></td>
+</tr></table>
+
 <h2 id="A">A</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
   <td style="width: 33%; vertical-align: top;"><ul>
@@ -131,8 +140,6 @@ <h2 id="E">E</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
   <td style="width: 33%; vertical-align: top;"><ul>
       <li><a href="index.html#vaultapi.main.enable_cors">enable_cors() (in module vaultapi.main)</a>
-</li>
-      <li><a href="index.html#vaultapi.models.EnvConfig.endpoints">endpoints (vaultapi.models.EnvConfig attribute)</a>
 </li>
       <li><a href="index.html#vaultapi.models.env">env (in module vaultapi.models)</a>
 </li>
@@ -271,11 +278,11 @@ <h2 id="M">M</h2>
 <h2 id="P">P</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
   <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="index.html#vaultapi.models.EnvConfig.parse_allowed_origins">parse_allowed_origins() (vaultapi.models.EnvConfig class method)</a>
+</li>
       <li><a href="index.html#vaultapi.models.EnvConfig.parse_api_secret">parse_api_secret() (vaultapi.models.EnvConfig class method)</a>
 </li>
       <li><a href="index.html#vaultapi.models.EnvConfig.parse_apikey">parse_apikey() (vaultapi.models.EnvConfig class method)</a>
-</li>
-      <li><a href="index.html#vaultapi.models.EnvConfig.parse_endpoints">parse_endpoints() (vaultapi.models.EnvConfig class method)</a>
 </li>
       <li><a href="index.html#vaultapi.models.EnvConfig.port">port (vaultapi.models.EnvConfig attribute)</a>
 </li>
diff --git a/docs/index.html b/docs/index.html
index e2528f3..0fd4cbe 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -323,11 +323,6 @@ <h1>Models<a class="headerlink" href="#models" title="Permalink to this heading"
 <span class="sig-name descname"><span class="pre">database</span></span><em class="property"><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="pre">Union</span><span class="p"><span class="pre">[</span></span><span class="pre">Path</span><span class="p"><span class="pre">,</span></span><span class="w"> </span><span class="pre">Path</span><span class="p"><span class="pre">,</span></span><span class="w"> </span><span class="pre">str</span><span class="p"><span class="pre">]</span></span></em><a class="headerlink" href="#vaultapi.models.EnvConfig.database" title="Permalink to this definition">¶</a></dt>
 <dd></dd></dl>
 
-<dl class="py attribute">
-<dt class="sig sig-object py" id="vaultapi.models.EnvConfig.endpoints">
-<span class="sig-name descname"><span class="pre">endpoints</span></span><em class="property"><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="pre">Union</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">,</span></span><span class="w"> </span><span class="pre">List</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">]</span></span><span class="p"><span class="pre">]</span></span></em><a class="headerlink" href="#vaultapi.models.EnvConfig.endpoints" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
 <dl class="py attribute">
 <dt class="sig sig-object py" id="vaultapi.models.EnvConfig.host">
 <span class="sig-name descname"><span class="pre">host</span></span><em class="property"><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="pre">str</span></em><a class="headerlink" href="#vaultapi.models.EnvConfig.host" title="Permalink to this definition">¶</a></dt>
@@ -350,7 +345,7 @@ <h1>Models<a class="headerlink" href="#models" title="Permalink to this heading"
 
 <dl class="py attribute">
 <dt class="sig sig-object py" id="vaultapi.models.EnvConfig.allowed_origins">
-<span class="sig-name descname"><span class="pre">allowed_origins</span></span><em class="property"><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="pre">List</span><span class="p"><span class="pre">[</span></span><span class="pre">str</span><span class="p"><span class="pre">]</span></span></em><a class="headerlink" href="#vaultapi.models.EnvConfig.allowed_origins" title="Permalink to this definition">¶</a></dt>
+<span class="sig-name descname"><span class="pre">allowed_origins</span></span><em class="property"><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="pre">Union</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">,</span></span><span class="w"> </span><span class="pre">List</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">]</span></span><span class="p"><span class="pre">]</span></span></em><a class="headerlink" href="#vaultapi.models.EnvConfig.allowed_origins" title="Permalink to this definition">¶</a></dt>
 <dd></dd></dl>
 
 <dl class="py attribute">
@@ -359,9 +354,9 @@ <h1>Models<a class="headerlink" href="#models" title="Permalink to this heading"
 <dd></dd></dl>
 
 <dl class="py method">
-<dt class="sig sig-object py" id="vaultapi.models.EnvConfig.parse_endpoints">
-<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">parse_endpoints</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">value</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">Union</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">,</span></span><span class="w"> </span><span class="pre">List</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">]</span></span><span class="p"><span class="pre">]</span></span></span></em><span class="sig-paren">)</span> <span class="sig-return"><span class="sig-return-icon">&#x2192;</span> <span class="sig-return-typehint"><span class="pre">List</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">]</span></span></span></span><a class="headerlink" href="#vaultapi.models.EnvConfig.parse_endpoints" title="Permalink to this definition">¶</a></dt>
-<dd><p>Validate endpoints to enable CORS policy.</p>
+<dt class="sig sig-object py" id="vaultapi.models.EnvConfig.parse_allowed_origins">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">parse_allowed_origins</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">value</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">Union</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">,</span></span><span class="w"> </span><span class="pre">List</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">]</span></span><span class="p"><span class="pre">]</span></span></span></em><span class="sig-paren">)</span> <span class="sig-return"><span class="sig-return-icon">&#x2192;</span> <span class="sig-return-typehint"><span class="pre">List</span><span class="p"><span class="pre">[</span></span><span class="pre">Url</span><span class="p"><span class="pre">]</span></span></span></span><a class="headerlink" href="#vaultapi.models.EnvConfig.parse_allowed_origins" title="Permalink to this definition">¶</a></dt>
+<dd><p>Validate allowed origins to enable CORS policy.</p>
 </dd></dl>
 
 <dl class="py method">
@@ -372,8 +367,8 @@ <h1>Models<a class="headerlink" href="#models" title="Permalink to this heading"
 
 <dl class="py method">
 <dt class="sig sig-object py" id="vaultapi.models.EnvConfig.parse_api_secret">
-<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">parse_api_secret</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">value</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">str</span><span class="w"> </span><span class="p"><span class="pre">|</span></span><span class="w"> </span><span class="pre">None</span></span></em><span class="sig-paren">)</span> <span class="sig-return"><span class="sig-return-icon">&#x2192;</span> <span class="sig-return-typehint"><span class="pre">str</span><span class="w"> </span><span class="p"><span class="pre">|</span></span><span class="w"> </span><span class="pre">None</span></span></span><a class="headerlink" href="#vaultapi.models.EnvConfig.parse_api_secret" title="Permalink to this definition">¶</a></dt>
-<dd><p>Parse API secret to validate complexity.</p>
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">parse_api_secret</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">value</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">str</span></span></em><span class="sig-paren">)</span> <span class="sig-return"><span class="sig-return-icon">&#x2192;</span> <span class="sig-return-typehint"><span class="pre">str</span></span></span><a class="headerlink" href="#vaultapi.models.EnvConfig.parse_api_secret" title="Permalink to this definition">¶</a></dt>
+<dd><p>Parse API secret to Fernet compatible.</p>
 </dd></dl>
 
 <dl class="py method">
@@ -419,16 +414,8 @@ <h1>Models<a class="headerlink" href="#models" title="Permalink to this heading"
 <hr class="docutils" />
 <span class="target" id="module-vaultapi.models"></span><dl class="py function">
 <dt class="sig sig-object py" id="vaultapi.models.complexity_checker">
-<span class="sig-prename descclassname"><span class="pre">vaultapi.models.</span></span><span class="sig-name descname"><span class="pre">complexity_checker</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">secret</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">str</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">simple</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">bool</span></span><span class="w"> </span><span class="o"><span class="pre">=</span></span><span class="w"> </span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span> <span class="sig-return"><span class="sig-return-icon">&#x2192;</span> <span class="sig-return-typehint"><span class="pre">None</span></span></span><a class="headerlink" href="#vaultapi.models.complexity_checker" title="Permalink to this definition">¶</a></dt>
+<span class="sig-prename descclassname"><span class="pre">vaultapi.models.</span></span><span class="sig-name descname"><span class="pre">complexity_checker</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">secret</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">str</span></span></em><span class="sig-paren">)</span> <span class="sig-return"><span class="sig-return-icon">&#x2192;</span> <span class="sig-return-typehint"><span class="pre">None</span></span></span><a class="headerlink" href="#vaultapi.models.complexity_checker" title="Permalink to this definition">¶</a></dt>
 <dd><p>Verifies the strength of a secret.</p>
-<dl class="field-list simple">
-<dt class="field-odd">Parameters<span class="colon">:</span></dt>
-<dd class="field-odd"><ul class="simple">
-<li><p><strong>secret</strong> – Value of the secret.</p></li>
-<li><p><strong>simple</strong> – Boolean flag to increase complexity.</p></li>
-</ul>
-</dd>
-</dl>
 <div class="admonition seealso">
 <p class="admonition-title">See also</p>
 <p>A secret is considered strong if it at least has:</p>
@@ -526,10 +513,16 @@ <h1>Payload<a class="headerlink" href="#payload" title="Permalink to this headin
 </section>
 <section id="module-vaultapi.rate_limit">
 <span id="ratelimit"></span><h1>RateLimit<a class="headerlink" href="#module-vaultapi.rate_limit" title="Permalink to this heading">¶</a></h1>
+<dl class="py function">
+<dt class="sig sig-object py" id="vaultapi.rate_limit._get_identifier">
+<span class="sig-prename descclassname"><span class="pre">vaultapi.rate_limit.</span></span><span class="sig-name descname"><span class="pre">_get_identifier</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><span class="pre">Request</span></span></em><span class="sig-paren">)</span> <span class="sig-return"><span class="sig-return-icon">&#x2192;</span> <span class="sig-return-typehint"><span class="pre">str</span></span></span><a class="headerlink" href="#vaultapi.rate_limit._get_identifier" title="Permalink to this definition">¶</a></dt>
+<dd><p>Generate a unique identifier for the request.</p>
+</dd></dl>
+
 <dl class="py class">
 <dt class="sig sig-object py" id="vaultapi.rate_limit.RateLimiter">
 <em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">vaultapi.rate_limit.</span></span><span class="sig-name descname"><span class="pre">RateLimiter</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">rps</span></span><span class="p"><span class="pre">:</span></span><span class="w"> </span><span class="n"><a class="reference internal" href="#vaultapi.models.RateLimit" title="vaultapi.models.RateLimit"><span class="pre">RateLimit</span></a></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vaultapi.rate_limit.RateLimiter" title="Permalink to this definition">¶</a></dt>
-<dd><p>Object that implements the <code class="docutils literal notranslate"><span class="pre">RateLimiter</span></code> functionality.</p>
+<dd><p>Rate limiter for incoming requests.</p>
 <div class="doctest highlight-default notranslate"><div class="highlight"><pre><span></span><span class="gp">&gt;&gt;&gt; </span><span class="n">RateLimiter</span>
 </pre></div>
 </div>
diff --git a/docs/objects.inv b/docs/objects.inv
index ed7e6a5ca4c74696a4d94715ab618cd677e69454..67bcf83ddfb94cfd10840bfc70d3a211f1487824 100644
GIT binary patch
delta 782
zcmV+p1M&Rw2Kfe%cz?le+b|4<?|BLj+cm~|?X747tiXx|EwCL0#b#omvZP9~8{hUC
zd%Zo$D9etWHdrL3x5Vc6laxeCa!VU-sbV>8Y?Z0*x|U_bA^Vy!QNlj2Y|TIWXUi|y
za?#H1^VRyt?Kekl8&Oy$MRqmk-UBV=tfUqK88oFEY9J=Ck$=ex4d{vBKOXBZFSS%@
z<PIz`fWB=CndDM6sV+6tvV}yrkCnil8EXPr*cYIjjft7jiOO%*_m5x{{_IET@a8{0
zYsy57H)o%N=#wj?4o$7cjHNns9ML!MsB!Q_em5(Mf>UG8I>}d}y_I6ib}3ALF`84o
zVOCS!5!)#+gnx1_U!io8)LP9p4Yq`MS=giKr6Lt8fiU5UhzSB(4|ATRIV47;W;-S>
z&{6Cex@3IbH<JXmTGj+aOSa7SqZ(`_%NU7D8k_8&%N-Wqxa^W76x9aEi3y2MWsp*A
z)+sMg8D=&?LF)7&)owH7tY+yFQ}#*ttJKdBU0jbC_kZ^>?7#+eV6ZLkiH4U3hD|EP
zvCCVEGM0Y=W84-H9`-=QH{4_JgWByVdRb2!Rkol-^x7F=CblvW)hagPLe`4ovBq|!
zsGz_l8?~dSHec+vp@gCxm$c09fP;mnLsgzzEvL9VVxKw5`(vP>HN?uS8yg?{0ZIvc
zf<GW?cYm2_g7M?_8+zoMsHq+K^>}W)PLo(kENuIl@x<Ls@RTGh+p^$l&=LnE>U`^o
zlzZDimi@YnyUvWLEKD5X1_fIqnevQdQ=*)>1cwO&S^?$$vp_f#eH(qpMdpTtX3(b1
z`x`jawRvfnj`}R&3D@P_k(#(x5?o3H>liX@6Mq3zV;PT$(Ai@hSa<BVGGw_tu5Rug
zR++KoHP%nIyvqEO-Xi<ygz>_@*n#N5-jLG`aA!I`^~U$^=VCG&^kx>nfaA^#nUx3S
zzrX*O3@w`)dlPjrep+B=C!DEnIlk~}4}MU*+u7SQ*t)~EDUN9aR2S7T=%0D!$-iII
M9S1D_0f71W@=G6w!T<mO

delta 774
zcmV+h1Nr><2J!}wcz;W7+b|G@_dbP+c59*8W)~y|8lXXq1ZbB8EsZTA6v>by#oF~6
zy<SgJQj{z?F=~>|&L-#kXNHd<sg^bzsbV>8u*y_-UCXlJkbTXVC}E#hSo6=mZTTfz
zF50<$zFPmd{pP4`BMM|vWLI<UJ<w9lN{SH3SW~*824VsmnSZ>{U_BB0kH`AUOD$Cz
zxdS8ytZz&qlU%AM)uo17wvY(-u@cxbgC>xLeF4hZn3x%zsQhMq{|H9epZzEudj8|H
zrcA_mbM`riKDk2b(A0X&Al0GcXng~Z8V670ce71VaB9q1C;3XWw^D4`E``Z2Msun+
z3^mmq!A^l8lz(&i3Z;{zh?;F0TN2`BVQ)n*6{%PWgbBBam>{6_Fy~2{Lt;c~wqxP~
z9mSrZOUCDQGf4nMsU#Dap21ejnt*7@midZS16Hz(k*K7>WdB_5?DicOZjywe+5oX#
zvjQ2P#X)75&{Tz^DM=8KI(;y;J4iXJS-QkDgh}|T)PK(qy)hqc+~3Er1B=&zu_b*^
zG`uumFxj!oTZ%H4e*$CN@ev;OK*Sg8WAKAY^(cB-JsefGphfiB8DS>2G7;4(HsV6o
zirXs@cBH7FuuC@THjrAlZJiAz6z#aAWqt=75S|XZ^4w}U#pMxa)Jfi7AqA}=R%YE`
zeC!7(C4cY<{(z|6L#PSHkIQf9b#bDma^%<Jx$!zp+MUG0&Oj|~K2cX&PozBA2D0pz
zRoqKvL}g*(2=`L6m5oe!#<3|;PF#Y+gaNI9a{omjoQZyjzT+ZuvxH{Qrp@~sIMlUy
zX_$`sBH;;Fq}^SZxJnRwE)1+=$WY}2s0JC2iGR@9+kJrUzK$|vxje3J?jBZ|!SdSf
zpKN)R`Ig=y`{{)3TYa$u(SyAqryJnTbZqs;_wMInG8^<}7QcYogB3EA2j#!N|Cr2L
zHZ=&OF2+v_o7o9xs#}g7UhTmTig!EfJ%g<~TlK^-ZGh^cItG24XP$ijn(kon4@u?s
EtZzJkrvLx|

diff --git a/docs/searchindex.js b/docs/searchindex.js
index 2a8d2b9..6de3193 100644
--- a/docs/searchindex.js
+++ b/docs/searchindex.js
@@ -1 +1 @@
-Search.setIndex({"docnames": ["README", "index"], "filenames": ["README.md", "index.rst"], "titles": ["VaultAPI", "Welcome to VaultAPI\u2019s documentation!"], "terms": {"lightweight": 0, "api": 0, "store": [0, 1], "retriev": [0, 1], "secret": [0, 1], "from": [0, 1], "an": [0, 1], "encrypt": 0, "databas": 0, "platform": 0, "support": [0, 1], "deploy": 0, "recommend": 0, "instal": 0, "python": 0, "3": 0, "10": [0, 1], "11": 0, "us": [0, 1], "dedic": 0, "virtual": 0, "m": 0, "pip": 0, "initi": 0, "id": 0, "import": 0, "__name__": 0, "__main__": 0, "start": [0, 1], "cli": 0, "help": 0, "usag": 0, "instruct": 0, "sourc": 0, "env": [0, 1], "file": [0, 1], "By": 0, "default": [0, 1], "look": 0, "current": 0, "work": 0, "directori": 0, "host": [0, 1], "hostnam": [0, 1], "server": [0, 1], "port": [0, 1], "number": [0, 1], "worker": [0, 1], "uvicorn": [0, 1], "apikei": [0, 1], "kei": [0, 1], "authent": 0, "access": [0, 1], "encod": 0, "decod": 0, "datastor": 0, "filepath": [0, 1], "rate": [0, 1], "_": 0, "limit": [0, 1], "list": [0, 1], "dictionari": [0, 1], "max_request": [0, 1], "second": [0, 1], "appli": [0, 1], "auto": 0, "gener": 0, "valu": [0, 1], "thi": [0, 1], "decrypt": 0, "keygen": 0, "cryptographi": [0, 1], "fernet": [0, 1], "print": 0, "generate_kei": 0, "docstr": 0, "format": [0, 1], "googl": 0, "style": 0, "convent": 0, "pep": 0, "8": 0, "isort": 0, "requir": [0, 1], "gitvers": 0, "revers": 0, "f": 0, "release_not": 0, "rst": 0, "t": 0, "pre": 0, "commit": 0, "ensur": 0, "run": 0, "pytest": 0, "valid": [0, 1], "hyperlink": 0, "all": [0, 1], "markdown": 0, "includ": 0, "wiki": 0, "page": [0, 1], "sphinx": 0, "5": 0, "1": [0, 1], "recommonmark": 0, "http": 0, "org": 0, "project": 0, "thevickypedia": 0, "github": 0, "io": 0, "vignesh": 0, "rao": 0, "under": 0, "mit": 0, "kick": 1, "off": 1, "environ": 1, "variabl": 1, "code": 1, "standard": 1, "releas": 1, "note": 1, "lint": 1, "pypi": 1, "packag": 1, "runbook": 1, "licens": 1, "copyright": 1, "enable_cor": 1, "none": 1, "enabl": 1, "cor": 1, "polici": 1, "kwarg": 1, "starter": 1, "function": 1, "which": 1, "trigger": 1, "keyword": 1, "argument": 1, "env_fil": 1, "load": 1, "auth": 1, "handl": 1, "error": 1, "rate_limit": 1, "log_config": 1, "log": 1, "configur": 1, "dict": 1, "yaml": 1, "yml": 1, "json": 1, "ini": 1, "epoch": 1, "async": 1, "request": 1, "httpauthorizationcredenti": 1, "httpbearer": 1, "paramet": 1, "take": 1, "author": 1, "header": 1, "token": 1, "basic": 1, "rais": 1, "apirespons": 1, "401": 1, "If": 1, "i": 1, "invalid": 1, "403": 1, "address": 1, "forbidden": 1, "table_exist": 1, "table_nam": 1, "str": 1, "bool": 1, "check": 1, "exist": 1, "name": 1, "create_t": 1, "column": 1, "union": 1, "tupl": 1, "creat": 1, "ha": 1, "get_secret": 1, "where": 1, "return": 1, "type": 1, "get_tabl": 1, "pair": 1, "particular": 1, "ar": 1, "put_secret": 1, "add": 1, "remove_secret": 1, "remov": 1, "drop_tabl": 1, "drop": 1, "status_cod": 1, "int": 1, "detail": 1, "ani": 1, "option": 1, "custom": 1, "httpexcept": 1, "fastapi": 1, "wrap": 1, "respons": 1, "class": 1, "basemodel": 1, "object": 1, "set": 1, "session": 1, "inform": 1, "info": 1, "rp": 1, "allowed_origin": 1, "config": 1, "allow": 1, "arbitrari": 1, "arbitrary_types_allow": 1, "true": 1, "envconfig": 1, "baseset": 1, "path": 1, "endpoint": 1, "url": 1, "classmethod": 1, "parse_endpoint": 1, "parse_apikei": 1, "pars": 1, "complex": 1, "parse_api_secret": 1, "from_env_fil": 1, "instanc": 1, "extra": 1, "ignor": 1, "hide_input_in_error": 1, "complexity_check": 1, "simpl": 1, "fals": 1, "verifi": 1, "strength": 1, "boolean": 1, "flag": 1, "increas": 1, "A": 1, "consid": 1, "strong": 1, "least": 1, "32": 1, "charact": 1, "digit": 1, "symbol": 1, "uppercas": 1, "letter": 1, "lowercas": 1, "assertionerror": 1, "when": 1, "abov": 1, "condit": 1, "fail": 1, "match": 1, "timeout": 1, "connect": 1, "instanti": 1, "cursor": 1, "alia": 1, "deletesecret": 1, "delet": 1, "call": 1, "putsecret": 1, "put": 1, "implement": 1, "init": 1, "exce": 1, "given": 1, "identifi": 1, "The": 1, "incom": 1, "429": 1, "too": 1, "mani": 1, "retrieve_secret": 1, "multipl": 1, "whole": 1, "have": 1, "depend": 1, "arg": 1, "refer": 1, "httpstatu": 1, "statu": 1, "time": 1, "comma": 1, "separ": 1, "data": 1, "bodi": 1, "delete_secret": 1, "new": 1, "health": 1, "healthcheck": 1, "doc": 1, "redirectrespons": 1, "redirect": 1, "user": 1, "get_all_rout": 1, "apirout": 1, "get": 1, "ad": 1, "envfile_load": 1, "filenam": 1, "o": 1, "pathlik": 1, "base": 1, "filetyp": 1, "var": 1, "load_env": 1, "merg": 1, "give": 1, "prioriti": 1, "partial": 1, "through": 1, "dotenv_to_t": 1, "dotenv_fil": 1, "drop_exist": 1, "dot": 1, "index": 1, "modul": 1, "search": 1}, "objects": {"vaultapi": [[1, 0, 0, "-", "auth"], [1, 0, 0, "-", "database"], [1, 0, 0, "-", "exceptions"], [1, 0, 0, "-", "main"], [1, 0, 0, "-", "models"], [1, 0, 0, "-", "rate_limit"], [1, 0, 0, "-", "routes"], [1, 0, 0, "-", "squire"], [1, 0, 0, "-", "util"]], "vaultapi.auth": [[1, 1, 1, "", "EPOCH"], [1, 1, 1, "", "validate"]], "vaultapi.database": [[1, 1, 1, "", "create_table"], [1, 1, 1, "", "drop_table"], [1, 1, 1, "", "get_secret"], [1, 1, 1, "", "get_table"], [1, 1, 1, "", "put_secret"], [1, 1, 1, "", "remove_secret"], [1, 1, 1, "", "table_exists"]], "vaultapi.exceptions": [[1, 2, 1, "", "APIResponse"]], "vaultapi.main": [[1, 1, 1, "", "enable_cors"], [1, 1, 1, "", "start"]], "vaultapi.models": [[1, 3, 1, "", "Database"], [1, 3, 1, "", "EnvConfig"], [1, 3, 1, "", "RateLimit"], [1, 3, 1, "", "Session"], [1, 1, 1, "", "complexity_checker"], [1, 4, 1, "", "database"], [1, 4, 1, "", "env"]], "vaultapi.models.EnvConfig": [[1, 3, 1, "", "Config"], [1, 4, 1, "", "allowed_origins"], [1, 4, 1, "", "apikey"], [1, 4, 1, "", "database"], [1, 4, 1, "", "endpoints"], [1, 5, 1, "", "from_env_file"], [1, 4, 1, "", "host"], [1, 4, 1, "", "log_config"], [1, 5, 1, "", "parse_api_secret"], [1, 5, 1, "", "parse_apikey"], [1, 5, 1, "", "parse_endpoints"], [1, 4, 1, "", "port"], [1, 4, 1, "", "rate_limit"], [1, 4, 1, "", "secret"], [1, 4, 1, "", "workers"]], "vaultapi.models.EnvConfig.Config": [[1, 4, 1, "", "arbitrary_types_allowed"], [1, 4, 1, "", "extra"], [1, 4, 1, "", "hide_input_in_errors"]], "vaultapi.models.RateLimit": [[1, 4, 1, "", "max_requests"], [1, 4, 1, "", "seconds"]], "vaultapi.models.Session": [[1, 3, 1, "", "Config"], [1, 4, 1, "", "allowed_origins"], [1, 4, 1, "", "fernet"], [1, 4, 1, "", "info"], [1, 4, 1, "", "rps"]], "vaultapi.models.Session.Config": [[1, 4, 1, "", "arbitrary_types_allowed"]], "vaultapi.payload": [[1, 3, 1, "", "DeleteSecret"], [1, 3, 1, "", "PutSecret"]], "vaultapi.payload.DeleteSecret": [[1, 4, 1, "", "key"], [1, 4, 1, "", "table_name"]], "vaultapi.payload.PutSecret": [[1, 4, 1, "", "key"], [1, 4, 1, "", "table_name"], [1, 4, 1, "", "value"]], "vaultapi.rate_limit": [[1, 3, 1, "", "RateLimiter"]], "vaultapi.rate_limit.RateLimiter": [[1, 5, 1, "", "init"]], "vaultapi.routes": [[1, 1, 1, "", "create_table"], [1, 1, 1, "", "delete_secret"], [1, 1, 1, "", "docs"], [1, 1, 1, "", "get_all_routes"], [1, 1, 1, "", "get_secret"], [1, 1, 1, "", "get_secrets"], [1, 1, 1, "", "get_table"], [1, 1, 1, "", "health"], [1, 1, 1, "", "put_secret"], [1, 1, 1, "", "put_secrets"], [1, 1, 1, "", "retrieve_secret"], [1, 1, 1, "", "retrieve_secrets"]], "vaultapi.squire": [[1, 1, 1, "", "envfile_loader"], [1, 1, 1, "", "load_env"]], "vaultapi.util": [[1, 1, 1, "", "dotenv_to_table"]]}, "objtypes": {"0": "py:module", "1": "py:function", "2": "py:exception", "3": "py:class", "4": "py:attribute", "5": "py:method"}, "objnames": {"0": ["py", "module", "Python module"], "1": ["py", "function", "Python function"], "2": ["py", "exception", "Python exception"], "3": ["py", "class", "Python class"], "4": ["py", "attribute", "Python attribute"], "5": ["py", "method", "Python method"]}, "titleterms": {"vaultapi": [0, 1], "kick": 0, "off": 0, "environ": 0, "variabl": 0, "code": 0, "standard": 0, "releas": 0, "note": 0, "lint": 0, "pypi": 0, "packag": 0, "runbook": 0, "licens": 0, "copyright": 0, "welcom": 1, "": 1, "document": 1, "content": 1, "main": 1, "authent": 1, "databas": 1, "except": 1, "model": 1, "payload": 1, "ratelimit": 1, "api": 1, "rout": 1, "squir": 1, "util": 1, "indic": 1, "tabl": 1}, "envversion": {"sphinx.domains.c": 2, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 6, "sphinx.domains.index": 1, "sphinx.domains.javascript": 2, "sphinx.domains.math": 2, "sphinx.domains.python": 3, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx": 56}})
\ No newline at end of file
+Search.setIndex({"docnames": ["README", "index"], "filenames": ["README.md", "index.rst"], "titles": ["VaultAPI", "Welcome to VaultAPI\u2019s documentation!"], "terms": {"lightweight": 0, "api": 0, "store": [0, 1], "retriev": [0, 1], "secret": [0, 1], "from": [0, 1], "an": [0, 1], "encrypt": 0, "databas": 0, "platform": 0, "support": [0, 1], "deploy": 0, "recommend": 0, "instal": 0, "python": 0, "3": 0, "10": [0, 1], "11": 0, "us": [0, 1], "dedic": 0, "virtual": 0, "m": 0, "pip": 0, "initi": 0, "id": 0, "import": 0, "__name__": 0, "__main__": 0, "start": [0, 1], "cli": 0, "help": 0, "usag": 0, "instruct": 0, "sourc": 0, "env": [0, 1], "file": [0, 1], "By": 0, "default": [0, 1], "look": 0, "current": 0, "work": 0, "directori": 0, "host": [0, 1], "hostnam": [0, 1], "server": [0, 1], "port": [0, 1], "number": [0, 1], "worker": [0, 1], "uvicorn": [0, 1], "apikei": [0, 1], "kei": [0, 1], "authent": 0, "access": [0, 1], "encod": 0, "decod": 0, "datastor": 0, "filepath": [0, 1], "rate": [0, 1], "_": 0, "limit": [0, 1], "list": [0, 1], "dictionari": [0, 1], "max_request": [0, 1], "second": [0, 1], "appli": [0, 1], "auto": 0, "gener": [0, 1], "valu": [0, 1], "thi": [0, 1], "decrypt": 0, "keygen": 0, "cryptographi": [0, 1], "fernet": [0, 1], "print": 0, "generate_kei": 0, "docstr": 0, "format": [0, 1], "googl": 0, "style": 0, "convent": 0, "pep": 0, "8": 0, "isort": 0, "requir": [0, 1], "gitvers": 0, "revers": 0, "f": 0, "release_not": 0, "rst": 0, "t": 0, "pre": 0, "commit": 0, "ensur": 0, "run": 0, "pytest": 0, "valid": [0, 1], "hyperlink": 0, "all": [0, 1], "markdown": 0, "includ": 0, "wiki": 0, "page": [0, 1], "sphinx": 0, "5": 0, "1": [0, 1], "recommonmark": 0, "http": 0, "org": 0, "project": 0, "thevickypedia": 0, "github": 0, "io": 0, "vignesh": 0, "rao": 0, "under": 0, "mit": 0, "kick": 1, "off": 1, "environ": 1, "variabl": 1, "code": 1, "standard": 1, "releas": 1, "note": 1, "lint": 1, "pypi": 1, "packag": 1, "runbook": 1, "licens": 1, "copyright": 1, "enable_cor": 1, "none": 1, "enabl": 1, "cor": 1, "polici": 1, "kwarg": 1, "starter": 1, "function": 1, "which": 1, "trigger": 1, "keyword": 1, "argument": 1, "env_fil": 1, "load": 1, "auth": 1, "handl": 1, "error": 1, "rate_limit": 1, "log_config": 1, "log": 1, "configur": 1, "dict": 1, "yaml": 1, "yml": 1, "json": 1, "ini": 1, "epoch": 1, "async": 1, "request": 1, "httpauthorizationcredenti": 1, "httpbearer": 1, "paramet": 1, "take": 1, "author": 1, "header": 1, "token": 1, "basic": 1, "rais": 1, "apirespons": 1, "401": 1, "If": 1, "i": 1, "invalid": 1, "403": 1, "address": 1, "forbidden": 1, "table_exist": 1, "table_nam": 1, "str": 1, "bool": 1, "check": 1, "exist": 1, "name": 1, "create_t": 1, "column": 1, "union": 1, "tupl": 1, "creat": 1, "ha": 1, "get_secret": 1, "where": 1, "return": 1, "type": 1, "get_tabl": 1, "pair": 1, "particular": 1, "ar": 1, "put_secret": 1, "add": 1, "remove_secret": 1, "remov": 1, "drop_tabl": 1, "drop": 1, "status_cod": 1, "int": 1, "detail": 1, "ani": 1, "option": 1, "custom": 1, "httpexcept": 1, "fastapi": 1, "wrap": 1, "respons": 1, "class": 1, "basemodel": 1, "object": 1, "set": 1, "session": 1, "inform": 1, "info": 1, "rp": 1, "allowed_origin": 1, "config": 1, "allow": 1, "arbitrari": 1, "arbitrary_types_allow": 1, "true": 1, "envconfig": 1, "baseset": 1, "path": 1, "url": 1, "classmethod": 1, "parse_allowed_origin": 1, "origin": 1, "parse_apikei": 1, "pars": 1, "complex": 1, "parse_api_secret": 1, "compat": 1, "from_env_fil": 1, "instanc": 1, "extra": 1, "ignor": 1, "hide_input_in_error": 1, "complexity_check": 1, "verifi": 1, "strength": 1, "A": 1, "consid": 1, "strong": 1, "least": 1, "32": 1, "charact": 1, "digit": 1, "symbol": 1, "uppercas": 1, "letter": 1, "lowercas": 1, "assertionerror": 1, "when": 1, "abov": 1, "condit": 1, "fail": 1, "match": 1, "timeout": 1, "connect": 1, "instanti": 1, "cursor": 1, "alia": 1, "deletesecret": 1, "delet": 1, "call": 1, "putsecret": 1, "put": 1, "_get_identifi": 1, "uniqu": 1, "identifi": 1, "incom": 1, "init": 1, "exce": 1, "given": 1, "The": 1, "429": 1, "too": 1, "mani": 1, "retrieve_secret": 1, "multipl": 1, "whole": 1, "have": 1, "depend": 1, "arg": 1, "refer": 1, "httpstatu": 1, "statu": 1, "time": 1, "comma": 1, "separ": 1, "data": 1, "bodi": 1, "delete_secret": 1, "new": 1, "health": 1, "healthcheck": 1, "endpoint": 1, "doc": 1, "redirectrespons": 1, "redirect": 1, "user": 1, "get_all_rout": 1, "apirout": 1, "get": 1, "ad": 1, "envfile_load": 1, "filenam": 1, "o": 1, "pathlik": 1, "base": 1, "filetyp": 1, "var": 1, "load_env": 1, "merg": 1, "give": 1, "prioriti": 1, "partial": 1, "through": 1, "dotenv_to_t": 1, "dotenv_fil": 1, "drop_exist": 1, "fals": 1, "dot": 1, "boolean": 1, "flag": 1, "index": 1, "modul": 1, "search": 1}, "objects": {"vaultapi": [[1, 0, 0, "-", "auth"], [1, 0, 0, "-", "database"], [1, 0, 0, "-", "exceptions"], [1, 0, 0, "-", "main"], [1, 0, 0, "-", "models"], [1, 0, 0, "-", "rate_limit"], [1, 0, 0, "-", "routes"], [1, 0, 0, "-", "squire"], [1, 0, 0, "-", "util"]], "vaultapi.auth": [[1, 1, 1, "", "EPOCH"], [1, 1, 1, "", "validate"]], "vaultapi.database": [[1, 1, 1, "", "create_table"], [1, 1, 1, "", "drop_table"], [1, 1, 1, "", "get_secret"], [1, 1, 1, "", "get_table"], [1, 1, 1, "", "put_secret"], [1, 1, 1, "", "remove_secret"], [1, 1, 1, "", "table_exists"]], "vaultapi.exceptions": [[1, 2, 1, "", "APIResponse"]], "vaultapi.main": [[1, 1, 1, "", "enable_cors"], [1, 1, 1, "", "start"]], "vaultapi.models": [[1, 3, 1, "", "Database"], [1, 3, 1, "", "EnvConfig"], [1, 3, 1, "", "RateLimit"], [1, 3, 1, "", "Session"], [1, 1, 1, "", "complexity_checker"], [1, 4, 1, "", "database"], [1, 4, 1, "", "env"]], "vaultapi.models.EnvConfig": [[1, 3, 1, "", "Config"], [1, 4, 1, "", "allowed_origins"], [1, 4, 1, "", "apikey"], [1, 4, 1, "", "database"], [1, 5, 1, "", "from_env_file"], [1, 4, 1, "", "host"], [1, 4, 1, "", "log_config"], [1, 5, 1, "", "parse_allowed_origins"], [1, 5, 1, "", "parse_api_secret"], [1, 5, 1, "", "parse_apikey"], [1, 4, 1, "", "port"], [1, 4, 1, "", "rate_limit"], [1, 4, 1, "", "secret"], [1, 4, 1, "", "workers"]], "vaultapi.models.EnvConfig.Config": [[1, 4, 1, "", "arbitrary_types_allowed"], [1, 4, 1, "", "extra"], [1, 4, 1, "", "hide_input_in_errors"]], "vaultapi.models.RateLimit": [[1, 4, 1, "", "max_requests"], [1, 4, 1, "", "seconds"]], "vaultapi.models.Session": [[1, 3, 1, "", "Config"], [1, 4, 1, "", "allowed_origins"], [1, 4, 1, "", "fernet"], [1, 4, 1, "", "info"], [1, 4, 1, "", "rps"]], "vaultapi.models.Session.Config": [[1, 4, 1, "", "arbitrary_types_allowed"]], "vaultapi.payload": [[1, 3, 1, "", "DeleteSecret"], [1, 3, 1, "", "PutSecret"]], "vaultapi.payload.DeleteSecret": [[1, 4, 1, "", "key"], [1, 4, 1, "", "table_name"]], "vaultapi.payload.PutSecret": [[1, 4, 1, "", "key"], [1, 4, 1, "", "table_name"], [1, 4, 1, "", "value"]], "vaultapi.rate_limit": [[1, 3, 1, "", "RateLimiter"], [1, 1, 1, "", "_get_identifier"]], "vaultapi.rate_limit.RateLimiter": [[1, 5, 1, "", "init"]], "vaultapi.routes": [[1, 1, 1, "", "create_table"], [1, 1, 1, "", "delete_secret"], [1, 1, 1, "", "docs"], [1, 1, 1, "", "get_all_routes"], [1, 1, 1, "", "get_secret"], [1, 1, 1, "", "get_secrets"], [1, 1, 1, "", "get_table"], [1, 1, 1, "", "health"], [1, 1, 1, "", "put_secret"], [1, 1, 1, "", "put_secrets"], [1, 1, 1, "", "retrieve_secret"], [1, 1, 1, "", "retrieve_secrets"]], "vaultapi.squire": [[1, 1, 1, "", "envfile_loader"], [1, 1, 1, "", "load_env"]], "vaultapi.util": [[1, 1, 1, "", "dotenv_to_table"]]}, "objtypes": {"0": "py:module", "1": "py:function", "2": "py:exception", "3": "py:class", "4": "py:attribute", "5": "py:method"}, "objnames": {"0": ["py", "module", "Python module"], "1": ["py", "function", "Python function"], "2": ["py", "exception", "Python exception"], "3": ["py", "class", "Python class"], "4": ["py", "attribute", "Python attribute"], "5": ["py", "method", "Python method"]}, "titleterms": {"vaultapi": [0, 1], "kick": 0, "off": 0, "environ": 0, "variabl": 0, "code": 0, "standard": 0, "releas": 0, "note": 0, "lint": 0, "pypi": 0, "packag": 0, "runbook": 0, "licens": 0, "copyright": 0, "welcom": 1, "": 1, "document": 1, "content": 1, "main": 1, "authent": 1, "databas": 1, "except": 1, "model": 1, "payload": 1, "ratelimit": 1, "api": 1, "rout": 1, "squir": 1, "util": 1, "indic": 1, "tabl": 1}, "envversion": {"sphinx.domains.c": 2, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 6, "sphinx.domains.index": 1, "sphinx.domains.javascript": 2, "sphinx.domains.math": 2, "sphinx.domains.python": 3, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx": 56}})
\ No newline at end of file
diff --git a/vaultapi/auth.py b/vaultapi/auth.py
index 0e07a46..8d2144c 100644
--- a/vaultapi/auth.py
+++ b/vaultapi/auth.py
@@ -25,6 +25,15 @@ async def validate(request: Request, apikey: HTTPAuthorizationCredentials) -> No
         - 401: If authorization is invalid.
         - 403: If host address is forbidden.
     """
+    if request.client.host not in models.session.allowed_origins:
+        LOGGER.info(
+            "Host: %s has been blocked since it is not added to allowed list",
+            request.client.host,
+        )
+        LOGGER.info(models.session.allowed_origins)
+        raise exceptions.APIResponse(
+            status_code=HTTPStatus.FORBIDDEN.real, detail=HTTPStatus.FORBIDDEN.phrase
+        )
     if apikey.credentials.startswith("\\"):
         auth = bytes(apikey.credentials, "utf-8").decode(encoding="unicode_escape")
     else:
diff --git a/vaultapi/main.py b/vaultapi/main.py
index 13bd4fd..e4cc8ab 100644
--- a/vaultapi/main.py
+++ b/vaultapi/main.py
@@ -21,6 +21,14 @@ def __init__(**kwargs) -> None:
     models.env = squire.load_env(**kwargs)
     models.session.fernet = Fernet(models.env.secret)
     models.database = models.Database(models.env.database)
+    default_allowed = ("0.0.0.0", "127.0.0.1", "localhost")
+    if models.env.host in default_allowed:
+        models.session.allowed_origins.update(default_allowed)
+    else:
+        models.session.allowed_origins.add(models.env.host)
+    for allowed in models.env.allowed_origins:
+        models.session.allowed_origins.add(allowed.host)
+    LOGGER.info("Allowed origins: %s", models.session.allowed_origins)
 
 
 def enable_cors() -> None:
@@ -30,7 +38,7 @@ def enable_cors() -> None:
         "http://localhost.com",
         "https://localhost.com",
     ]
-    for website in models.env.endpoints:
+    for website in models.env.allowed_origins:
         origins.append(f"http://{website.host}")  # noqa: HttpUrlsUsage
         origins.append(f"https://{website.host}")
     VaultAPI.add_middleware(
diff --git a/vaultapi/models.py b/vaultapi/models.py
index 8ffa3f6..e3b54f6 100644
--- a/vaultapi/models.py
+++ b/vaultapi/models.py
@@ -17,13 +17,9 @@
 from pydantic_settings import BaseSettings
 
 
-def complexity_checker(secret: str, simple: bool = False) -> None:
+def complexity_checker(secret: str) -> None:
     """Verifies the strength of a secret.
 
-    Args:
-        secret: Value of the secret.
-        simple: Boolean flag to increase complexity.
-
     See Also:
         A secret is considered strong if it at least has:
 
@@ -36,19 +32,14 @@ def complexity_checker(secret: str, simple: bool = False) -> None:
     Raises:
         AssertionError: When at least 1 of the above conditions fail to match.
     """
-    char_limit = 8 if simple else 32
-
     # calculates the length
     assert (
-        len(secret) >= char_limit
-    ), f"Minimum secret length is {char_limit}, received {len(secret)}"
+        len(secret) >= 32
+    ), f"secret length must be at least 32, received {len(secret)}"
 
     # searches for digits
     assert re.search(r"\d", secret), "secret must include an integer"
 
-    if simple:
-        return
-
     # searches for uppercase
     assert re.search(
         r"[A-Z]", secret
@@ -61,7 +52,7 @@ def complexity_checker(secret: str, simple: bool = False) -> None:
 
     # searches for symbols
     assert re.search(
-        r"[ !#$%&'()*+,-./[\\\]^_`{|}~" + r'"]', secret
+        r"[ !@#$%^&*()_='+,-./[\\\]`{|}~" + r'"]', secret
     ), "secret must contain at least one special character"
 
 
@@ -126,19 +117,28 @@ class EnvConfig(BaseSettings):
     apikey: str
     secret: str
     database: FilePath | NewPath | str = Field("secrets.db", pattern=".*.db$")
-    endpoints: HttpUrl | List[HttpUrl] = []
     host: str = socket.gethostbyname("localhost") or "0.0.0.0"
     port: PositiveInt = 8080
     workers: PositiveInt = 1
     log_config: FilePath | Dict[str, Any] | None = None
-    allowed_origins: List[str] = []
-    rate_limit: RateLimit | List[RateLimit] = []
-
-    @field_validator("endpoints", mode="after", check_fields=True)
-    def parse_endpoints(
+    allowed_origins: HttpUrl | List[HttpUrl] = []
+    # This is a base rate limit configuration
+    rate_limit: RateLimit | List[RateLimit] = [
+        {
+            "max_requests": 5,
+            "seconds": 2,
+        },  # Burst limit: Prevents excessive load on the server
+        {
+            "max_requests": 10,
+            "seconds": 30,
+        },  # Sustained limit: Prevents too many trial and errors
+    ]
+
+    @field_validator("allowed_origins", mode="after", check_fields=True)
+    def parse_allowed_origins(
         cls, value: HttpUrl | List[HttpUrl]  # noqa: PyMethodParameters
     ) -> List[HttpUrl]:
-        """Validate endpoints to enable CORS policy."""
+        """Validate allowed origins to enable CORS policy."""
         if isinstance(value, list):
             return value
         return [value]
@@ -148,22 +148,20 @@ def parse_apikey(cls, value: str | None) -> str | None:  # noqa: PyMethodParamet
         """Parse API key to validate complexity."""
         if value:
             try:
-                complexity_checker(value, True)
+                complexity_checker(value)
             except AssertionError as error:
                 raise ValueError(error.__str__())
             return value
 
     @field_validator("secret", mode="after")
-    def parse_api_secret(
-        cls, value: str | None  # noqa: PyMethodParameters
-    ) -> str | None:
-        """Parse API secret to validate complexity."""
-        if value:
-            try:
-                complexity_checker(value)
-            except AssertionError as error:
-                raise ValueError(error.__str__())
-            return value
+    def parse_api_secret(cls, value: str) -> str:  # noqa: PyMethodParameters
+        """Parse API secret to Fernet compatible."""
+        try:
+            Fernet(value)
+        except ValueError as error:
+            exc = f"{error}\n\tConsider using 'vaultapi keygen' command to generate a valid secret."
+            raise ValueError(exc)
+        return value
 
     @classmethod
     def from_env_file(cls, env_file: pathlib.Path) -> "EnvConfig":
diff --git a/vaultapi/rate_limit.py b/vaultapi/rate_limit.py
index d7355a7..e3b68dd 100644
--- a/vaultapi/rate_limit.py
+++ b/vaultapi/rate_limit.py
@@ -1,14 +1,23 @@
 import math
 import time
+from collections import defaultdict
 from http import HTTPStatus
+from threading import Lock
 
 from fastapi import HTTPException, Request
 
 from . import models
 
 
+def _get_identifier(request: Request) -> str:
+    """Generate a unique identifier for the request."""
+    if forwarded := request.headers.get("x-forwarded-for"):
+        return f"{forwarded.split(',')[0]}:{request.url.path}"
+    return f"{request.client.host}:{request.url.path}"
+
+
 class RateLimiter:
-    """Object that implements the ``RateLimiter`` functionality.
+    """Rate limiter for incoming requests.
 
     >>> RateLimiter
 
@@ -27,13 +36,8 @@ def __init__(self, rps: models.RateLimit):
         """
         self.max_requests = rps.max_requests
         self.seconds = rps.seconds
-        self.start_time = time.time()
-        self.exception = HTTPException(
-            status_code=HTTPStatus.TOO_MANY_REQUESTS.value,
-            detail=HTTPStatus.TOO_MANY_REQUESTS.phrase,
-            # reset headers, which will invalidate auth token
-            headers={"Retry-After": str(math.ceil(self.seconds))},
-        )
+        self.locks = defaultdict(Lock)  # For thread-safe access
+        self.requests = defaultdict(list)
 
     def init(self, request: Request) -> None:
         """Checks if the number of calls exceeds the rate limit for the given identifier.
@@ -44,23 +48,21 @@ def init(self, request: Request) -> None:
         Raises:
             429: Too many requests.
         """
-        if forwarded := request.headers.get("x-forwarded-for"):
-            identifier = forwarded.split(",")[0]
-        else:
-            identifier = request.client.host
-        identifier += ":" + request.url.path
-
+        identifier = _get_identifier(request)
         current_time = time.time()
 
-        # Reset if the time window has passed
-        if current_time - self.start_time > self.seconds:
-            models.session.rps[identifier] = 1
-            self.start_time = current_time
-
-        if models.session.rps.get(identifier):
-            if models.session.rps[identifier] >= self.max_requests:
-                raise self.exception
-            else:
-                models.session.rps[identifier] += 1
-        else:
-            models.session.rps[identifier] = 1
+        with self.locks[identifier]:
+            # Clean up expired timestamps
+            self.requests[identifier] = [
+                timestamp
+                for timestamp in self.requests[identifier]
+                if current_time - timestamp < self.seconds
+            ]
+
+            if len(self.requests[identifier]) >= self.max_requests:
+                raise HTTPException(
+                    status_code=HTTPStatus.TOO_MANY_REQUESTS.value,
+                    detail=HTTPStatus.TOO_MANY_REQUESTS.phrase,
+                    headers={"Retry-After": str(math.ceil(self.seconds))},
+                )
+            self.requests[identifier].append(current_time)