-rw-r--r--lib/gitlab/auth.rb42
-rw-r--r--lib/gitlab/auth/ip_rate_limiter.rb (renamed from lib/gitlab/auth/rate_limiter.rb)0
-rw-r--r--spec/requests/jwt_controller_spec.rb2
3 files changed, 22 insertions, 22 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index bd129d7216a..076e2af7d38 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -35,6 +35,27 @@ module Gitlab
end
end
+ def rate_limit!(ip, success:, login:)
+ rate_limiter = Gitlab::Auth::IpRateLimiter.new(ip)
+ return unless rate_limiter.enabled?
+
+ if success
+ # Repeated login 'failures' are normal behavior for some Git clients so
+ # it is important to reset the ban counter once the client has proven
+ # they are not a 'bad guy'.
+ rate_limiter.reset!
+ else
+ # Register a login failure so that Rack::Attack can block the next
+ # request from this IP if needed.
+ rate_limiter.register_fail!
+
+ if rate_limiter.banned?
+ Rails.logger.info "IP #{ip} failed to login " \
+ "as #{login} but has been temporarily banned from Git auth"
+ end
+ end
+ end
+
private
def valid_ci_request?(login, password, project)
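Review bot: In the `banned?` branch of `rate_limit!`, `login` is interpolated into the `Rails.logger.info` message unescaped, and it is whatever the client supplied as a username, so a value containing newlines or control characters can split or forge log entries that responders later rely on. I would log it escaped, e.g. `"as #{login.inspect} but has been temporarily banned from Git auth"`, or emit it as a separate structured field if the logger in use supports that. Separately, the success branch calls `rate_limiter.reset!` on a limiter built from `ip` alone, so the comment there should state the scope: `# NOTE: the counter is keyed by IP only; a success for any login clears the failures recorded for every login from this IP.` The whole method is inside this hunk; the enclosing module starts above it.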
@@ -61,27 +82,6 @@ module Gitlab
token && token.accessible? && User.find_by(id: token.resource_owner_id)
end
end
-
- def rate_limit!(ip, success:, login:)
- rate_limiter = IpRateLimiter.new(ip)
- return unless rate_limiter.enabled?
-
- if success
- # Repeated login 'failures' are normal behavior for some Git clients so
- # it is important to reset the ban counter once the client has proven
- # they are not a 'bad guy'.
- rate_limiter.reset!
- else
- # Register a login failure so that Rack::Attack can block the next
- # request from this IP if needed.
- rate_limiter.register_fail!(ip, config)
-
- if rate_limiter.banned?
- Rails.logger.info "IP #{ip} failed to login " \
- "as #{login} but has been temporarily banned from Git auth"
- end
- end
- end
end
end
end
diff --git a/lib/gitlab/auth/rate_limiter.rb b/lib/gitlab/auth/ip_rate_limiter.rb
index 1089bc9f89e..1089bc9f89e 100644
--- a/lib/gitlab/auth/rate_limiter.rb
+++ b/lib/gitlab/auth/ip_rate_limiter.rb
diff --git a/spec/requests/jwt_controller_spec.rb b/spec/requests/jwt_controller_spec.rb
index d006ff195cf..c995993a853 100644
--- a/spec/requests/jwt_controller_spec.rb
+++ b/spec/requests/jwt_controller_spec.rb
@@ -44,7 +44,7 @@ describe JwtController do
let(:user) { create(:user) }
let(:headers) { { authorization: credentials('user', 'password') } }
- before { expect_any_instance_of(Gitlab::Auth).to receive(:find).with('user', 'password').and_return(user) }
+ before { expect(Gitlab::Auth).to receive(:find_in_gitlab_or_ldap).with('user', 'password').and_return(user) }
subject! { get '/jwt/auth', parameters, headers }