{
    "": 
        {"seconds": 60, "max": 30, "_comment": "Global unauthenticated ratelimit."},

    "GET:/v1/doot": 
        {"seconds": 5, "max": 5, "_comment": "Unauthenticated DOOT for server monitoring."},

    "POST:/v1/login": 
        {"seconds": 60, "max": 3, "_comment": "Prevent bruteforce attacks on Login."},

    "POST:/v1/admin": 
        {"seconds": 60, "max": 1, "_comment": "Prevent bruteforce attacks on Admin Login."},

    "POST:/v1/signup": 
        {"seconds": 1800, "max": 1, "_comment": "Prevent spam account creation."},

    "POST:/v1/forgot": 
        {"seconds": 60, "max": 1, "_comment": "Slow down 'forgot password' enumeration/spam."}
}