We have a search engine site made with [login to view URL] and now you can search free. But we want to create a login/authentication page for the site. Ideally, we would like people to be able to search freely, but after 5 searches, you need to register to keep using the page.
Currently our setup for our search engine is merely an InstantSearch ( [login to view URL] ) front-end ( [login to view URL]) to an open-source engine called TypeSense ([login to view URL]) . We made specialized scripts to clean and load the government transparency data into the Typesense instance.
Currently, the front-end is public and has unlimited usage, but we want to limit the daily searches available for each visitor (similar to newspaper paywalls), while still allowing people to request a fair use account (for journalists, by example).
Technically this means:
Implement a back-end that acts as a proxy to the search requests to Typesense and checks for user authentication. This needs to implement full-fledged user management under reasonable security standards, preferabily implemented through existing authentication solutions or libraries.
Modifying the InstantSearch-based front-end to send the proxied requests with user credentials and embed the view in a page allowing users to optionally authenticate through a user portal. Payment management is not needed, but there has to be an admin page that allows to manually enable full access to paying users.
Back-end solutions implemented on Python (FastAPI, Flask, Django) are encouraged but not necessary.
The database system used has to be open source and self-hosted. (PostgreSQL, MariaDB, MongoDB, etc)
If possible, the front-end must be kept separate from the back-end in a static manner, allowing the front-end to be served directly through CDNs. This means templating is discouraged, but proposals are still accepted.