BigW Consortium Gitlab

ip_rate_limiter.rb 827 Bytes
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13
module Gitlab
  module Auth
    class IpRateLimiter
      attr_reader :ip

      def initialize(ip)
        @ip = ip
        @banned = false
      end

      def enabled?
        config.enabled
      end
14

15 16 17
      def reset!
        Rack::Attack::Allow2Ban.reset(ip, config)
      end
18

19 20 21 22
      def register_fail!
        # Allow2Ban.filter will return false if this IP has not failed too often yet
        @banned = Rack::Attack::Allow2Ban.filter(ip, config) do
          # If we return false here, the failure for this IP is ignored by Allow2Ban
23
          ip_can_be_banned?
24 25
        end
      end
26

27 28 29
      def banned?
        @banned
      end
30

31
      private
32

33 34 35
      def config
        Gitlab.config.rack_attack.git_basic_auth
      end
36

37
      def ip_can_be_banned?
38 39 40 41 42
        config.ip_whitelist.exclude?(ip)
      end
    end
  end
end