me/glitchier-soc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

th: no more throttles for auth'd users

Browse source
This commit is contained in:
Kouhai 2024-01-13 14:05:33 -08:00
parent bcc0a24acd
commit f50dc0b28f
1 changed files with 7 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/initializers/rack_attack.rb
View file

@ -66,6 +66,7 @@ class Rack::Attack
IpBlock.blocked?(req.remote_ip)
end
if !!ENV['TH_DEACTIVATE_AUTHED_API_THROTTLES']
throttle('throttle_authenticated_api', limit: 1_500, period: 5.minutes) do |req|
req.authenticated_user_id if req.api_request?
end
@ -73,6 +74,7 @@ class Rack::Attack
throttle('throttle_per_token_api', limit: 300, period: 5.minutes) do |req|
req.authenticated_token_id if req.api_request?
end
end
throttle('throttle_unauthenticated_api', limit: 300, period: 5.minutes) do |req|
req.throttleable_remote_ip if req.api_request? && req.unauthenticated?