Add rate limiting
parent
83d731c546
commit
29c0247b4b
@ -239,8 +239,18 @@ pub struct StartOpenIDLoginResponse {
|
||||
}
|
||||
|
||||
/// Start OpenID login
|
||||
pub async fn start_openid_login(ip: RemoteIP, req: web::Json<StartOpenIDLoginQuery>) -> HttpResult {
|
||||
let url = openid_service::start_login(&req.provider, ip.0).await?;
|
||||
pub async fn start_openid_login(
|
||||
remote_ip: RemoteIP,
|
||||
req: web::Json<StartOpenIDLoginQuery>,
|
||||
) -> HttpResult {
|
||||
// Rate limiting
|
||||
if rate_limiter_service::should_block_action(remote_ip.0, RatedAction::StartOpenIDLogin).await?
|
||||
{
|
||||
return Ok(HttpResponse::TooManyRequests().finish());
|
||||
}
|
||||
rate_limiter_service::record_action(remote_ip.0, RatedAction::StartOpenIDLogin).await?;
|
||||
|
||||
let url = openid_service::start_login(&req.provider, remote_ip.0).await?;
|
||||
|
||||
Ok(HttpResponse::Ok().json(StartOpenIDLoginResponse { url }))
|
||||
}
|
||||
|
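Review bot: The block check and the record in `start_openid_login` are two separate awaited calls, so several requests arriving together from one address can all pass `should_block_action` before any `record_action` lands, letting a burst exceed the limit. Whether this matters depends on how `rate_limiter_service` stores its counters, which is not visible here; a single call there that records the attempt and reports whether the limit is now exceeded would close the gap. The `// Rate limiting` comment could also say what is counted, for example `// Count every login start per client IP, successful or not; answer 429 once the limit is reached`. The limit is only as trustworthy as `RemoteIP`: if that extractor can take its value from a forwarding header, confirm that the header is honoured only when the request comes from a trusted proxy.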
@ -9,6 +9,7 @@ pub enum RatedAction {
|
||||
CheckResetPasswordTokenFailed,
|
||||
RequestNewPasswordResetLink,
|
||||
FailedPasswordLogin,
|
||||
StartOpenIDLogin,
|
||||
}
|
||||
|
||||
impl RatedAction {
|
||||
@ -18,6 +19,7 @@ impl RatedAction {
|
||||
RatedAction::CheckResetPasswordTokenFailed => "check-reset-password-token",
|
||||
RatedAction::RequestNewPasswordResetLink => "req-pwd-reset-lnk",
|
||||
RatedAction::FailedPasswordLogin => "failed-login",
|
||||
RatedAction::StartOpenIDLogin => "start-oidc-login",
|
||||
}
|
||||
}
|
||||
|
||||
@ -27,6 +29,7 @@ impl RatedAction {
|
||||
RatedAction::CheckResetPasswordTokenFailed => 100,
|
||||
RatedAction::RequestNewPasswordResetLink => 5,
|
||||
RatedAction::FailedPasswordLogin => 15,
|
||||
RatedAction::StartOpenIDLogin => 30,
|
||||
}
|
||||
}
|
||||
|
||||
|
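Review bot: The new arm `RatedAction::StartOpenIDLogin => 30` gives no hint of the time window or of why 30 was chosen, and the method signature that would show the unit lies outside the hunk. Unlike `FailedPasswordLogin`, this action appears to be recorded on every attempt rather than only on failures (the handler records before calling `start_login`), so legitimate users behind one shared address draw from the same budget. A short comment on the arm would document the intent, for example `// every login start counts, not only failures; kept above FailedPasswordLogin for shared addresses`.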