Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Change rate limits for various paths (#14253)

Browse source 
- Rate limit login attempts by target account
- Rate limit password resets and e-mail re-confirmations by target account
- Rate limit sign-up/login attempts, password resets, and e-mail re-confirmations by IP like before
This commit is contained in:
Eugen Rochko 2020-07-07 15:26:39 +02:00 committed by GitHub
parent 844870273f
commit 81a3db1564
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 27 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

1
config/initializers/rack_attack_logging.rb
View file

@ -2,5 +2,6 @@ ActiveSupport::Notifications.subscribe(/rack_attack/) do |_name, _start, _finish
req = payload[:request]
next unless [:throttle, :blacklist].include? req.env['rack.attack.match_type']
Rails.logger.info("Rate limit hit (#{req.env['rack.attack.match_type']}): #{req.ip} #{req.request_method} #{req.fullpath}")
end