th: renamed to TH_DEACTIVATE_AUTHED_THROTTLES + TH_DEACTIVATE_UNAUTHED_API_THROTTLES

2024-01-13 14:09:23 -08:00 · 2024-01-13 14:09:23 -08:00 · d1559d4dee
commit d1559d4dee
parent f50dc0b28f
1 changed files with 9 additions and 5 deletions
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@ -66,7 +66,7 @@ class Rack::Attack
    IpBlock.blocked?(req.remote_ip)
  end

-  if !!ENV['TH_DEACTIVATE_AUTHED_API_THROTTLES']
+  if !!ENV['TH_DEACTIVATE_AUTHED_THROTTLES']
    throttle('throttle_authenticated_api', limit: 1_500, period: 5.minutes) do |req|
      req.authenticated_user_id if req.api_request?
    end
@ -76,8 +76,10 @@ class Rack::Attack
    end
  end

-  throttle('throttle_unauthenticated_api', limit: 300, period: 5.minutes) do |req|
-    req.throttleable_remote_ip if req.api_request? && req.unauthenticated?
+  if !!ENV['TH_DEACTIVATE_UNAUTHED_API_THROTTLES']
+    throttle('throttle_unauthenticated_api', limit: 300, period: 5.minutes) do |req|
+      req.throttleable_remote_ip if req.api_request? && req.unauthenticated?
+    end
  end

  throttle('throttle_api_media', limit: 30, period: 30.minutes) do |req|
@ -92,8 +94,10 @@ class Rack::Attack
    req.throttleable_remote_ip if req.post? && req.path == '/api/v1/accounts'
  end

-  throttle('throttle_authenticated_paging', limit: 300, period: 15.minutes) do |req|
-    req.authenticated_user_id if req.paging_request?
+  if !!ENV['TH_DEACTIVATE_AUTHED_THROTTLES']
+    throttle('throttle_authenticated_paging', limit: 300, period: 15.minutes) do |req|
+      req.authenticated_user_id if req.paging_request?
+    end
  end

  throttle('throttle_unauthenticated_paging', limit: 300, period: 15.minutes) do |req|