|
|
|
@ -122,7 +122,7 @@ class Rack::Attack |
|
|
|
end |
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
throttle('throttle_email_confirmations/ip', limit: 25, period: 5.minutes) do |req| |
|
|
|
throttle('throttle_email_confirmations/ip', limit: 25, period: 5.minutes) do |req| |
|
|
|
req.throttleable_remote_ip if req.post? && (req.path_matches?('/auth/confirmation') || req.path == '/api/v1/emails/confirmations') |
|
|
|
req.throttleable_remote_ip if (req.post? && (req.path_matches?('/auth/confirmation') || req.path == '/api/v1/emails/confirmations')) || ((req.put? || req.patch?) && req.path_matches?('/auth/setup')) |
|
|
|
end |
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
throttle('throttle_email_confirmations/email', limit: 5, period: 30.minutes) do |req| |
|
|
|
throttle('throttle_email_confirmations/email', limit: 5, period: 30.minutes) do |req| |
|
|
|
@ -133,6 +133,14 @@ class Rack::Attack |
|
|
|
end |
|
|
|
end |
|
|
|
end |
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
throttle('throttle_auth_setup/email', limit: 5, period: 10.minutes) do |req| |
|
|
|
|
|
|
|
req.params.dig('user', 'email').presence if (req.put? || req.patch?) && req.path_matches?('/auth/setup') |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
throttle('throttle_auth_setup/account', limit: 5, period: 10.minutes) do |req| |
|
|
|
|
|
|
|
req.warden_user_id if (req.put? || req.patch?) && req.path_matches?('/auth/setup') |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
throttle('throttle_login_attempts/ip', limit: 25, period: 5.minutes) do |req| |
|
|
|
throttle('throttle_login_attempts/ip', limit: 25, period: 5.minutes) do |req| |
|
|
|
req.throttleable_remote_ip if req.post? && req.path_matches?('/auth/sign_in') |
|
|
|
req.throttleable_remote_ip if req.post? && req.path_matches?('/auth/sign_in') |
|
|
|
end |
|
|
|
end |
|
|
|
|
Claire
1 year ago
committed by
GitHub