Refactor the rate limiting code

Rate limiting was already redesigned to use Python limits. This introduced some unexpected behavior, including the fact that only one criteria is supported per limiter. Docs and setup utility are updated with this in mind. Also, the code was made more generic, so limiters can be delivered for something else than authentication. Authentication-specific code was moved directly to the authentication routine.
2025-11-23 22:04:47 +02:00 · 2020-02-09 17:38:18 +01:00
parent 7507345ce9
commit 8e88f1b8c3
8 changed files with 53 additions and 55 deletions
--- a/setup/flavors/compose/mailu.env
+++ b/setup/flavors/compose/mailu.env
@@ -30,8 +30,8 @@ POSTMASTER={{ postmaster }}
 TLS_FLAVOR={{ tls_flavor }}

 # Authentication rate limit (per source IP address)
-{% if auth_ratelimit_pm > '0' and auth_ratelimit_ph > '0' %}
-AUTH_RATELIMIT={{ auth_ratelimit_pm }}/minute;{{ auth_ratelimit_ph }}/hour 
+{% if auth_ratelimit_pm > '0' %}
+AUTH_RATELIMIT={{ auth_ratelimit_pm }}/minute
 {% endif %}

 # Opt-out of statistics, replace with "True" to opt out
--- a/setup/templates/steps/config.html
+++ b/setup/templates/steps/config.html
@@ -47,11 +47,10 @@ Or in plain english: if receivers start to classify your mail as spam, this post

 <div class="form-group">
  <label>Authentication rate limit (per source IP address)</label>
-<!--   Validates number input only -->
+  <!--   Validates number input only -->
  <p><input class="form-control" style="width: 7%; display: inline;" type="number" name="auth_ratelimit_pm" 
-  		value="10" required >/minute;
-  <input class="form-control" style="width: 7%; display: inline;;" type="number" name="auth_ratelimit_ph"
-  		value="1000" required >/hour</p>
+  		value="10" required > / minute
+  </p>
 </div>

 <div class="form-check form-check-inline">