10 Commits (6d5926ef29f628b5f8db59efd2b75e2b5258ee72)

Author SHA1 Message Date
Florent Daigniere c5bd82650f doh 3 years ago
Florent Daigniere 99c81c20a7 Introduce AUTH_RATELIMIT_EXEMPTION
This disables rate limiting on specific CIDRs
3 years ago
Florent Daigniere 24aadf2f52 ensure we log when the rate limiter hits 3 years ago
Florent Daigniere 89ea51d570 Implement rate-limits 3 years ago
kaiyou 8e88f1b8c3 Refactor the rate limiting code
Rate limiting was already redesigned to use Python limits. This
introduced some unexpected behavior, including the fact that only
one criteria is supported per limiter. Docs and setup utility are
updated with this in mind.

Also, the code was made more generic, so limiters can be delivered
for something else than authentication. Authentication-specific
code was moved directly to the authentication routine.
5 years ago
micw 7688caa784
Add missing self. 5 years ago
Michael Wyraz 70f797dbd9 Don't raise rate limit exception on hit(), only on check() 5 years ago
Michael Wyraz a7f787f914 Make rate limit for subnet (webmail) configurable 5 years ago
Michael Wyraz bee80b5c64 Remove rate limit reset 5 years ago
Michael Wyraz 889386b4a6 Limiter implementation 5 years ago