gitlab-org--gitlab-foss/lib/gitlab/auth/ip_rate_limiter.rb

43 lines
827 B
Ruby
Raw Normal View History

2016-06-03 11:07:40 -04:00
module Gitlab
module Auth
class IpRateLimiter
attr_reader :ip
def initialize(ip)
@ip = ip
@banned = false
end
def enabled?
config.enabled
end
2016-06-03 11:07:40 -04:00
def reset!
Rack::Attack::Allow2Ban.reset(ip, config)
end
2016-06-03 11:07:40 -04:00
def register_fail!
# Allow2Ban.filter will return false if this IP has not failed too often yet
@banned = Rack::Attack::Allow2Ban.filter(ip, config) do
# If we return false here, the failure for this IP is ignored by Allow2Ban
2016-06-03 11:14:13 -04:00
ip_can_be_banned?
2016-06-03 11:07:40 -04:00
end
end
2016-06-03 11:07:40 -04:00
def banned?
@banned
end
2016-06-03 11:07:40 -04:00
private
2016-06-03 11:07:40 -04:00
def config
Gitlab.config.rack_attack.git_basic_auth
end
2016-06-03 11:14:13 -04:00
def ip_can_be_banned?
2016-06-03 11:07:40 -04:00
config.ip_whitelist.exclude?(ip)
end
end
end
end