Re-implement internal throttling or rate limiting from scratch

README.md

@@ -304,6 +304,9 @@ catch (\Delight\Auth\NotLoggedInException $e) {
 catch (\Delight\Auth\InvalidPasswordException $e) {
     // invalid password(s)
 }
+catch (\Delight\Auth\TooManyRequestsException $e) {
+    // too many requests
+}
 ```
 
 Asking the user for their current (and soon *old*) password and requiring it for verification is the recommended way to handle password changes. This is shown above.
@@ -348,6 +351,9 @@ catch (\Delight\Auth\EmailNotVerifiedException $e) {
 catch (\Delight\Auth\NotLoggedInException $e) {
     // not logged in
 }
+catch (\Delight\Auth\TooManyRequestsException $e) {
+    // too many requests
+}
 ```
 
 For email verification, you should build an URL with the selector and token and send it to the user, e.g.:
@@ -541,6 +547,9 @@ try {
 catch (\Delight\Auth\NotLoggedInException $e) {
     // the user is not signed in
 }
+catch (\Delight\Auth\TooManyRequestsException $e) {
+    // too many requests
+}
 ```
 
 ### Roles (or groups)