th: ENV['TH_DEACTIVATE_DANGEROUS_THROTTLES'] (pls don't use)
parent
566b41cc3b
commit
c97bffb054
1 changed files with 3 additions and 2 deletions
|
@ -4,6 +4,7 @@ require 'doorkeeper/grape/authorization_decorator'
|
||||||
|
|
||||||
class Rack::Attack
|
class Rack::Attack
|
||||||
TH_DEACTIVATE_THROTTLES = !!ENV['TH_DEACTIVATE_THROTTLES']
|
TH_DEACTIVATE_THROTTLES = !!ENV['TH_DEACTIVATE_THROTTLES']
|
||||||
|
TH_DEACTIVATE_DANGEROUS_THROTTLES = !!ENV['TH_DEACTIVATE_DANGEROUS_THROTTLES']
|
||||||
|
|
||||||
class Request
|
class Request
|
||||||
def authenticated_token
|
def authenticated_token
|
||||||
|
@ -113,7 +114,7 @@ class Rack::Attack
|
||||||
|
|
||||||
throttle('throttle_password_resets/ip', limit: 25, period: 5.minutes) do |req|
|
throttle('throttle_password_resets/ip', limit: 25, period: 5.minutes) do |req|
|
||||||
req.throttleable_remote_ip if req.post? && req.path_matches?('/auth/password')
|
req.throttleable_remote_ip if req.post? && req.path_matches?('/auth/password')
|
||||||
end
|
end unless TH_DEACTIVATE_DANGEROUS_THROTTLES
|
||||||
|
|
||||||
throttle('throttle_password_resets/email', limit: 5, period: 30.minutes) do |req|
|
throttle('throttle_password_resets/email', limit: 5, period: 30.minutes) do |req|
|
||||||
req.params.dig('user', 'email').presence if req.post? && req.path_matches?('/auth/password')
|
req.params.dig('user', 'email').presence if req.post? && req.path_matches?('/auth/password')
|
||||||
|
@ -133,7 +134,7 @@ class Rack::Attack
|
||||||
|
|
||||||
throttle('throttle_login_attempts/ip', limit: 25, period: 5.minutes) do |req|
|
throttle('throttle_login_attempts/ip', limit: 25, period: 5.minutes) do |req|
|
||||||
req.throttleable_remote_ip if req.post? && req.path_matches?('/auth/sign_in')
|
req.throttleable_remote_ip if req.post? && req.path_matches?('/auth/sign_in')
|
||||||
end
|
end unless TH_DEACTIVATE_DANGEROUS_THROTTLES
|
||||||
|
|
||||||
throttle('throttle_login_attempts/email', limit: 25, period: 1.hour) do |req|
|
throttle('throttle_login_attempts/email', limit: 25, period: 1.hour) do |req|
|
||||||
req.session[:attempt_user_id] || req.params.dig('user', 'email').presence if req.post? && req.path_matches?('/auth/sign_in')
|
req.session[:attempt_user_id] || req.params.dig('user', 'email').presence if req.post? && req.path_matches?('/auth/sign_in')
|
||||||
|
|
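Review bot: `!!ENV['TH_DEACTIVATE_DANGEROUS_THROTTLES']` is true for any value that is set, including `false`, `0` and the empty string, so a deployment that means to leave the switch off can silently lose the per-IP limits on `/auth/sign_in` and `/auth/password`. Compare against one explicit value instead, e.g. `TH_DEACTIVATE_DANGEROUS_THROTTLES = ENV['TH_DEACTIVATE_DANGEROUS_THROTTLES'] == 'true'`. With the switch on, only the per-email throttles shown in these hunks still bound login and password-reset attempts, so requests from one address spread across many accounts are no longer rate-limited by anything visible here. A comment above the constant stating that, plus a warning logged at boot when it is set, would make the weakened state auditable. The existing `TH_DEACTIVATE_THROTTLES` line uses the same `!!ENV[...]` pattern and probably deserves the same change; the class body continues outside the hunks.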