# Paste into NPM Custom Location advanced config for:
# - /api/auth/login
# - /api/auth/register
#
# Requires `limit_req_zone fiddy_auth` in http context.

# Keep request-id forwarding/header here too because this location is
# more specific than `/` and can bypass root location directives.
add_header X-Request-Id $request_id always;
proxy_set_header X-Request-Id $request_id;

limit_req zone=fiddy_auth burst=15 nodelay;