authorMichael Kozono <mkozono@gmail.com>2017-10-17 12:40:09 -0400
committerFrancisco Lopez <fjlopez@gitlab.com>2017-11-17 09:58:18 +0100
commit09b01c756069058e02ba4fc9f5f53a534aef3fe3 (patch)
tree21e3a5f5cca31bb8a1ff35d1fbccc18b604d6066 /config
parenta7243fc14b02c8461cbad991178e12580534928f (diff)
downloadgitlab-ce-09b01c756069058e02ba4fc9f5f53a534aef3fe3.tar.gz
Don't add methods to Rack::Attack
Diffstat (limited to 'config')
-rw-r--r--config/initializers/rack_attack_global.rb22
1 files changed, 12 insertions, 10 deletions
diff --git a/config/initializers/rack_attack_global.rb b/config/initializers/rack_attack_global.rb
index cf87310d7b7..9453df2ec5a 100644
--- a/config/initializers/rack_attack_global.rb
+++ b/config/initializers/rack_attack_global.rb
@@ -1,40 +1,42 @@
-class Rack::Attack
+module Gitlab::Throttle
def self.settings
Gitlab::CurrentSettings.current_application_settings
end
- def self.throttle_unauthenticated_options
+ def self.unauthenticated_options
limit_proc = proc { |req| settings.throttle_unauthenticated_requests_per_period }
period_proc = proc { |req| settings.throttle_unauthenticated_period_in_seconds.seconds }
{ limit: limit_proc, period: period_proc }
end
- def self.throttle_authenticated_api_options
+ def self.authenticated_api_options
limit_proc = proc { |req| settings.throttle_authenticated_api_requests_per_period }
period_proc = proc { |req| settings.throttle_authenticated_api_period_in_seconds.seconds }
{ limit: limit_proc, period: period_proc }
end
- def self.throttle_authenticated_web_options
+ def self.authenticated_web_options
limit_proc = proc { |req| settings.throttle_authenticated_web_requests_per_period }
period_proc = proc { |req| settings.throttle_authenticated_web_period_in_seconds.seconds }
{ limit: limit_proc, period: period_proc }
end
+end
- throttle('throttle_unauthenticated', throttle_unauthenticated_options) do |req|
- settings.throttle_unauthenticated_enabled &&
+class Rack::Attack
+ throttle('throttle_unauthenticated', Gitlab::Throttle.unauthenticated_options) do |req|
+ Gitlab::Throttle.settings.throttle_unauthenticated_enabled &&
req.unauthenticated? &&
req.ip
end
- throttle('throttle_authenticated_api', throttle_authenticated_api_options) do |req|
- settings.throttle_authenticated_api_enabled &&
+ throttle('throttle_authenticated_api', Gitlab::Throttle.authenticated_api_options) do |req|
+ Gitlab::Throttle.settings.throttle_authenticated_api_enabled &&
req.api_request? &&
req.authenticated_user_id
end
- throttle('throttle_authenticated_web', throttle_authenticated_web_options) do |req|
- settings.throttle_authenticated_web_enabled &&
+ throttle('throttle_authenticated_web', Gitlab::Throttle.authenticated_web_options) do |req|
+ Gitlab::Throttle.settings.throttle_authenticated_web_enabled &&
req.web_request? &&
req.authenticated_user_id
end
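Review bot: `module Gitlab::Throttle` is still declared inside the initializer, in compact form, so it only works if `Gitlab` can be resolved when this file runs; moving it into its own autoloaded file would remove that dependency and let the option builders be tested apart from the Rack::Attack setup. The three `*_options` methods differ only in the settings prefix and could share one helper, and the `|req|` parameter in every `limit_proc`/`period_proc` is unused, so `proc { |_req| ... }` would make that explicit. The module also has no comment explaining why limits and periods are procs; something like `# limit/period are procs so they are read from the application settings on each request, not once at boot` would tell an operator that changing a throttle setting needs no restart. Whether `settings` is cached is not visible here, so it is worth confirming what the several settings reads per request cost.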