diff options
author | Horatiu Eugen Vlad <horatiu@vlad.eu> | 2017-05-19 08:38:31 +0000 |
---|---|---|
committer | Horatiu Eugen Vlad <horatiu@vlad.eu> | 2017-05-21 17:58:32 +0200 |
commit | 9735ce15de5255365e302d1f50b301039512f50d (patch) | |
tree | 2df5462f48972bda7d49718fde7b1c5b2fa98938 | |
parent | b0642299943bbb0485b0577e99fb1d2c6072b845 (diff) | |
download | gitlab-ce-9735ce15de5255365e302d1f50b301039512f50d.tar.gz |
Avoid resource intensive login checks if password is not provided
Fixes #32598
-rw-r--r-- | changelogs/unreleased/32598-avoid-resource-intensive-login-checks-if-password-is-not-provided-for-git-http.yml | 4 | ||||
-rw-r--r-- | lib/gitlab/auth.rb | 5 |
2 files changed, 8 insertions, 1 deletions
diff --git a/changelogs/unreleased/32598-avoid-resource-intensive-login-checks-if-password-is-not-provided-for-git-http.yml b/changelogs/unreleased/32598-avoid-resource-intensive-login-checks-if-password-is-not-provided-for-git-http.yml new file mode 100644 index 00000000000..6da7491bbda --- /dev/null +++ b/changelogs/unreleased/32598-avoid-resource-intensive-login-checks-if-password-is-not-provided-for-git-http.yml @@ -0,0 +1,4 @@ +--- +title: Avoid resource intensive login checks if password is not provided. +merge_request: 11537 +author: Horatiu Eugen Vlad diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index ea918b23a63..099c45dcfb7 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -37,6 +37,9 @@ module Gitlab end def find_with_user_password(login, password) + # Avoid resource intensive login checks if password is not provided + return unless password.present? + Gitlab::Auth::UniqueIpsLimiter.limit_user! do user = User.by_login(login) @@ -44,7 +47,7 @@ module Gitlab # LDAP users are only authenticated via LDAP if user.nil? || user.ldap_user? # Second chance - try LDAP authentication - return nil unless Gitlab::LDAP::Config.enabled? + return unless Gitlab::LDAP::Config.enabled? Gitlab::LDAP::Authentication.login(login, password) else |