Moved default rule adding to accounts_base and added a way to remove the default login rule. Updated ddp rate limiter server tests to test removing the default rule

packages/accounts-base/accounts_rate_limit.js

@@ -0,0 +1,17 @@
+// Adds a default rate limiting rule to DDPRateLimiter and provides methods to remove it
+var Ap = AccountsCommon.prototype;
+// Add a default rule of limiting logins to 5 times per 10 seconds by IP address.
+// Stores the ruleId to remove it when called
+Ap._defaultRateLimiterRuleId = DDPRateLimiter.addRule({
+  userId: null,
+  ipAddr: function (ipAddr) {
+    return true;
+  },
+  type: 'method',
+  name: 'login'
+}, 5, 1000);
+
+// Removes default rate limiting rule
+Ap.removeDefaultAccountsRateLimitRule = function () {
+	return DDPRateLimiter.removeRule(Ap._defaultRateLimiterRuleId);
+}

packages/accounts-base/package.js

@@ -5,6 +5,7 @@ Package.describe({
 
 Package.onUse(function (api) {
   api.use('underscore', ['client', 'server']);
+  api.use('ddp-rate-limiter');
   api.use('localstorage', 'client');
   api.use('tracker', 'client');
   api.use('check', 'server');
@@ -40,6 +41,7 @@ Package.onUse(function (api) {
 
   api.addFiles('accounts_common.js', ['client', 'server']);
   api.addFiles('accounts_server.js', 'server');
+  api.addFiles('accounts_rate_limit.js');
   api.addFiles('url_server.js', 'server');
 
   // accounts_client must be before localstorage_token, because

packages/ddp-rate-limiter/ddp-rate-limiter-server-tests.js

@@ -17,4 +17,10 @@ Meteor.methods({
 	printCurrentListOfRules : function () {
 		console.log('Current list of rules :', DDPRateLimiter.rateLimiter.rules);
 	}
-});
+});
+
+Tinytest.add("Test rule gets added and removed from Accounts_base", function(test) {
+	test.notEqual(DDPRateLimiter.rateLimiter.rules, {});
+	Accounts.removeDefaultAccountsRateLimitRule();
+	test.equal(DDPRateLimiter.rateLimiter.rules, {});
+});