Adding a captcha rate limit. Fixes #1755 (#1941)

* Adding a captcha rate limit. Fixes #1755

* Changing to post rate limit.
This commit is contained in:
Dessalines 2021-11-25 08:04:19 -05:00 committed by GitHub
parent 97b8b9c255
commit e765b42d46
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 2 deletions

View File

@ -491,7 +491,10 @@ impl ChatServer {
} else {
let user_operation = UserOperation::from_str(op)?;
let fut = (message_handler)(context, msg.id, user_operation.clone(), data);
rate_limiter.message().wrap(ip, fut).await
match user_operation {
UserOperation::GetCaptcha => rate_limiter.post().wrap(ip, fut).await,
_ => rate_limiter.message().wrap(ip, fut).await,
}
}
}
}

View File

@ -161,6 +161,12 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
.wrap(rate_limit.register())
.route(web::post().to(route_post_crud::<Register>)),
)
.service(
// Handle captcha separately
web::resource("/user/get_captcha")
.wrap(rate_limit.post())
.route(web::get().to(route_get::<GetCaptcha>)),
)
// User actions
.service(
web::scope("/user")
@ -178,7 +184,6 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
.route("/block", web::post().to(route_post::<BlockPerson>))
// Account actions. I don't like that they're in /user maybe /accounts
.route("/login", web::post().to(route_post::<Login>))
.route("/get_captcha", web::get().to(route_get::<GetCaptcha>))
.route(
"/delete_account",
web::post().to(route_post_crud::<DeleteAccount>),