forked from vikunja/vikunja
feat: make unauthenticated user routes rate limit configurable
This commit is contained in:
parent
f26f1326ea
commit
c6c465c273
GPG Key ID:
F40E70337AB24C9B
|
|
@ -191,6 +191,10 @@ ratelimit:
|
||||||
# Possible values are "keyvalue", "memory" or "redis".
|
# Possible values are "keyvalue", "memory" or "redis".
|
||||||
# When choosing "keyvalue" this setting follows the one configured in the "keyvalue" section.
|
# When choosing "keyvalue" this setting follows the one configured in the "keyvalue" section.
|
||||||
store: keyvalue
|
store: keyvalue
|
||||||
|
# The number of requests a user can make from the same IP to all unauthenticated routes (login, register,
|
||||||
|
# password confirmation, email verification, password reset request) per minute. This limit cannot be disabled.
|
||||||
|
# You should only change this if you know what you're doing.
|
||||||
|
noauthlimit: 10
|
||||||
|
|
||||||
files:
|
files:
|
||||||
# The path where files are stored
|
# The path where files are stored
|
||||||
|
|
|
||||||
|
|
@ -969,6 +969,19 @@ Full path: `ratelimit.store`
|
||||||
Environment path: `VIKUNJA_RATELIMIT_STORE`
|
Environment path: `VIKUNJA_RATELIMIT_STORE`
|
||||||
|
|
||||||
|
|
||||||
|
### noauthlimit
|
||||||
|
|
||||||
|
The number of requests a user can make from the same IP to all unauthenticated routes (login, register,
|
||||||
|
password confirmation, email verification, password reset request) per minute. This limit cannot be disabled.
|
||||||
|
You should only change this if you know what you're doing.
|
||||||
|
|
||||||
|
Default: `10`
|
||||||
|
|
||||||
|
Full path: `ratelimit.noauthlimit`
|
||||||
|
|
||||||
|
Environment path: `VIKUNJA_RATELIMIT_NOAUTHLIMIT`
|
||||||
|
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
## files
|
## files
|
||||||
|
|
|
||||||
|
|
@ -122,11 +122,12 @@ const (
|
||||||
LogMail Key = `log.mail`
|
LogMail Key = `log.mail`
|
||||||
LogMailLevel Key = `log.maillevel`
|
LogMailLevel Key = `log.maillevel`
|
||||||
|
|
||||||
RateLimitEnabled Key = `ratelimit.enabled`
|
RateLimitEnabled Key = `ratelimit.enabled`
|
||||||
RateLimitKind Key = `ratelimit.kind`
|
RateLimitKind Key = `ratelimit.kind`
|
||||||
RateLimitPeriod Key = `ratelimit.period`
|
RateLimitPeriod Key = `ratelimit.period`
|
||||||
RateLimitLimit Key = `ratelimit.limit`
|
RateLimitLimit Key = `ratelimit.limit`
|
||||||
RateLimitStore Key = `ratelimit.store`
|
RateLimitStore Key = `ratelimit.store`
|
||||||
|
RateLimitNoAuthRoutesLimit Key = `ratelimit.noauthlimit`
|
||||||
|
|
||||||
FilesBasePath Key = `files.basepath`
|
FilesBasePath Key = `files.basepath`
|
||||||
FilesMaxSize Key = `files.maxsize`
|
FilesMaxSize Key = `files.maxsize`
|
||||||
|
|
@ -367,6 +368,7 @@ func InitDefaultConfig() {
|
||||||
RateLimitLimit.setDefault(100)
|
RateLimitLimit.setDefault(100)
|
||||||
RateLimitPeriod.setDefault(60)
|
RateLimitPeriod.setDefault(60)
|
||||||
RateLimitStore.setDefault("memory")
|
RateLimitStore.setDefault("memory")
|
||||||
|
RateLimitNoAuthRoutesLimit.setDefault(10)
|
||||||
// Files
|
// Files
|
||||||
FilesBasePath.setDefault("files")
|
FilesBasePath.setDefault("files")
|
||||||
FilesMaxSize.setDefault("20MB")
|
FilesMaxSize.setDefault("20MB")
|
||||||
|
|
|
||||||
|
|
@ -246,7 +246,7 @@ func registerAPIRoutes(a *echo.Group) {
|
||||||
ur := a.Group("")
|
ur := a.Group("")
|
||||||
rate := limiter.Rate{
|
rate := limiter.Rate{
|
||||||
Period: 60 * time.Second,
|
Period: 60 * time.Second,
|
||||||
Limit: 10,
|
Limit: config.RateLimitNoAuthRoutesLimit.GetInt64(),
|
||||||
}
|
}
|
||||||
rateLimiter := createRateLimiter(rate)
|
rateLimiter := createRateLimiter(rate)
|
||||||
ur.Use(RateLimit(rateLimiter, "ip"))
|
ur.Use(RateLimit(rateLimiter, "ip"))
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue