comparison roundup/cgi/actions.py @ 5722:2f116ba7e7cf
Rename Store class in rate_limit.py to Gcra. The name Store makes no
sense since the class implements a Gcra, I'll call it Gcra....
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Fri, 17 May 2019 19:45:15 -0400 |
| parents | 842252c3ee22 |
| children | 8dbe307bdb57 |
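--- a/roundup/cgi/actions.py
+++ b/roundup/cgi/actions.py
@@ -3,11 +3,11 @@
 from roundup import hyperdb, token, date, password
 from roundup.actions import Action as BaseAction
 from roundup.i18n import _
 from roundup.cgi import exceptions, templating
 from roundup.mailgw import uidFromAddress
-from roundup.rate_limit import Store, RateLimit
+from roundup.rate_limit import Gcra, RateLimit
 from roundup.exceptions import Reject, RejectRaw
 from roundup.anypy import urllib_
 from roundup.anypy.strings import StringIO
 import roundup.anypy.random_ as random_
 
@@ -1233,31 +1233,31 @@
 try:
 # Implement rate limiting of logins by login name.
 # Use prefix to prevent key collisions maybe??
 rlkey="LOGIN-" + self.client.user
 limit=self.loginLimit
-s=Store()
+gcra=Gcra()
 otk=self.client.db.Otk
 try:
 val=otk.getall(rlkey)
-s.set_tat_as_string(rlkey, val['tat'])
+gcra.set_tat_as_string(rlkey, val['tat'])
 except KeyError:
 # ignore if tat not set, it's 1970-1-1 by default.
 pass
 # see if rate limit exceeded and we need to reject the attempt
-reject=s.update(rlkey, limit)
+reject=gcra.update(rlkey, limit)
 
 # Calculate a timestamp that will make OTK expire the
 # unused entry 1 hour in the future
 ts = time.time() - (60 * 60 * 24 * 7) + 3600
-otk.set(rlkey, tat=s.get_tat_as_string(rlkey),
+otk.set(rlkey, tat=gcra.get_tat_as_string(rlkey),
 __timestamp=ts)
 otk.commit()
 
 if reject:
 # User exceeded limits: find out how long to wait
-status=s.status(rlkey, limit)
+status=gcra.status(rlkey, limit)
 raise Reject(_("Logins occurring too fast. Please wait: %d seconds.")%status['Retry-After'])
 else:
 self.verifyLogin(self.client.user, password)
 except exceptions.LoginError as err:
 self.client.make_user_anonymous()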
