Allow limiting logging in users from too many different IPs.

author: Pawel Chojnacki <pawel@chojnacki.ws> 2017-02-06 13:48:46 +0100
committer: Pawel Chojnacki <pawel@chojnacki.ws> 2017-03-06 15:41:24 +0100
commit: e5cf3f51fb568361a247d715facb6cd9bb15bb16 (patch)
tree: d12f9644c8b0dd0765fd0de90d69027848341083 /config/initializers
parent: 27729aa3a4666c6b06006c76023f4bff60f8ba25 (diff)
download: gitlab-ce-e5cf3f51fb568361a247d715facb6cd9bb15bb16.tar.gz
2 files changed, 7 insertions, 2 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 88cd0f5f652..44b658e5872 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -12,8 +12,10 @@ Doorkeeper.configure do
   end
 
   resource_owner_from_credentials do |routes|
-    user = Gitlab::Auth.find_with_user_password(params[:username], params[:password])
-    user unless user.try(:two_factor_enabled?)
+    Gitlab::Auth::UniqueIpsLimiter.limit_user! do
+      user = Gitlab::Auth.find_with_user_password(params[:username], params[:password])
+      user unless user.try(:two_factor_enabled?)
+    end
   end
 
   # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
diff --git a/config/initializers/request_context.rb b/config/initializers/request_context.rb
new file mode 100644
index 00000000000..0b485fc1adc
--- /dev/null
+++ b/config/initializers/request_context.rb
@@ -0,0 +1,3 @@
+Rails.application.configure do |config|
+  config.middleware.insert_after RequestStore::Middleware, Gitlab::RequestContext
+end
author	Pawel Chojnacki <pawel@chojnacki.ws>	2017-02-06 13:48:46 +0100
committer	Pawel Chojnacki <pawel@chojnacki.ws>	2017-03-06 15:41:24 +0100
commit	e5cf3f51fb568361a247d715facb6cd9bb15bb16 (patch)
tree	d12f9644c8b0dd0765fd0de90d69027848341083 /config/initializers
parent	27729aa3a4666c6b06006c76023f4bff60f8ba25 (diff)
download	gitlab-ce-e5cf3f51fb568361a247d715facb6cd9bb15bb16.tar.gz