self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2025-03-29 21:46:57 +02:00
Code Issues Releases Activity

Update core/admin/mailu/limiter.py

Browse Source 
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
This commit is contained in:
Florent Daigniere 2023-04-02 17:11:16 +02:00 committed by GitHub
parent 795a7bafa2
commit 7dc2912770
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/admin/mailu/limiter.py
View File

@ -72,7 +72,7 @@ class LimitWraperFactory(object):
limiter = self.get_limiter(app.config["AUTH_RATELIMIT_USER"], 'auth-user') limiter = self.get_limiter(app.config["AUTH_RATELIMIT_USER"], 'auth-user')
if self.is_subject_to_rate_limits(ip): if self.is_subject_to_rate_limits(ip):
truncated_password = hmac.new(bytearray(username, 'utf-8'), bytearray(password, 'utf-8'), 'sha256').hexdigest()[-6:] truncated_password = hmac.new(bytearray(username, 'utf-8'), bytearray(password, 'utf-8'), 'sha256').hexdigest()[-6:]
if password and self.storage.get(f'dedup2-{username}-{truncated_password}') > 0: if password and (self.storage.get(f'dedup2-{username}-{truncated_password}') > 0):
return return
self.storage.incr(f'dedup2-{username}-{truncated_password}', limits.parse(app.config['AUTH_RATELIMIT_USER']).GRANULARITY.seconds, True) self.storage.incr(f'dedup2-{username}-{truncated_password}', limits.parse(app.config['AUTH_RATELIMIT_USER']).GRANULARITY.seconds, True)
limiter.hit(device_cookie if device_cookie_name == username else username) limiter.hit(device_cookie if device_cookie_name == username else username)