diff options
| author | Jacob Vosmaer <jacob@gitlab.com> | 2016-06-06 17:40:26 +0200 |
|---|---|---|
| committer | Jacob Vosmaer <jacob@gitlab.com> | 2016-06-06 17:40:26 +0200 |
| commit | 07f49626d01ddffcd127e937c528b74b8248043b (patch) | |
| tree | 4bc36661d4c7dca16e5f521927bd80d98347a8ab /lib | |
| parent | 3f3b036defe4f22656f945f341c1d7da06d5543c (diff) | |
| download | gitlab-ce-07f49626d01ddffcd127e937c528b74b8248043b.tar.gz | |
Fix tests
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlab/auth.rb | 42 | ||||
| -rw-r--r-- | lib/gitlab/auth/ip_rate_limiter.rb (renamed from lib/gitlab/auth/rate_limiter.rb) | 0 |
2 files changed, 21 insertions, 21 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index bd129d7216a..076e2af7d38 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -35,6 +35,27 @@ module Gitlab end end + def rate_limit!(ip, success:, login:) + rate_limiter = Gitlab::Auth::IpRateLimiter.new(ip) + return unless rate_limiter.enabled? + + if success + # Repeated login 'failures' are normal behavior for some Git clients so + # it is important to reset the ban counter once the client has proven + # they are not a 'bad guy'. + rate_limiter.reset! + else + # Register a login failure so that Rack::Attack can block the next + # request from this IP if needed. + rate_limiter.register_fail! + + if rate_limiter.banned? + Rails.logger.info "IP #{ip} failed to login " \ + "as #{login} but has been temporarily banned from Git auth" + end + end + end + private def valid_ci_request?(login, password, project) @@ -61,27 +82,6 @@ module Gitlab token && token.accessible? && User.find_by(id: token.resource_owner_id) end end - - def rate_limit!(ip, success:, login:) - rate_limiter = IpRateLimiter.new(ip) - return unless rate_limiter.enabled? - - if success - # Repeated login 'failures' are normal behavior for some Git clients so - # it is important to reset the ban counter once the client has proven - # they are not a 'bad guy'. - rate_limiter.reset! - else - # Register a login failure so that Rack::Attack can block the next - # request from this IP if needed. - rate_limiter.register_fail!(ip, config) - - if rate_limiter.banned? - Rails.logger.info "IP #{ip} failed to login " \ - "as #{login} but has been temporarily banned from Git auth" - end - end - end end end end diff --git a/lib/gitlab/auth/rate_limiter.rb b/lib/gitlab/auth/ip_rate_limiter.rb index 1089bc9f89e..1089bc9f89e 100644 --- a/lib/gitlab/auth/rate_limiter.rb +++ b/lib/gitlab/auth/ip_rate_limiter.rb |