Time flies while you're having fun, but then one day your bio says something about being a 30+ year veteran in software engineering. Still, I've not seen it all, let alone done it all (yet).
Stateless in the context of REST APIs means not storing any data about the clients sessions on the server. Every request should be treated without regard to any previous (or future) requests.
Normally, you would make it the clients responsibility to send any needed state with each request, but in this particular case, that would create a big security hole.
Therefore, you will need to consider this logon attempts limit as resource state and persist it to your back-end data store (database). Once it's there, its shared between your instances, and load balancing problem is basically solved.
(Or go OAuth and let someone else worry about it!)
I've always loved robotics so I focused on learning that. I've worked on destkop applications, on drones, and now on exoskeletons! Web dev looks scary to me but there is a lot of potential there.
Location
France
Education
Master of Engineering
Work
Critical Embedded Software engineer at Wandercraft
Stateless in the context of REST APIs means not storing any data about the clients sessions on the server. Every request should be treated without regard to any previous (or future) requests.
Normally, you would make it the clients responsibility to send any needed state with each request, but in this particular case, that would create a big security hole.
Therefore, you will need to consider this logon attempts limit as resource state and persist it to your back-end data store (database). Once it's there, its shared between your instances, and load balancing problem is basically solved.
(Or go OAuth and let someone else worry about it!)
Thanks for this explanation I didn't understand well the concept of stateless until now :)