diff --git a/synapse/handlers/_base.py b/synapse/handlers/_base.py
index e10e2427c4..0209bfe902 100644
--- a/synapse/handlers/_base.py
+++ b/synapse/handlers/_base.py
@@ -20,6 +20,7 @@ from twisted.internet import defer
import synapse.types
from synapse.api.constants import EventTypes, Membership
from synapse.types import UserID
+from synapse.api.ratelimiting import Ratelimiter
logger = logging.getLogger(__name__)
@@ -46,11 +47,20 @@ class BaseHandler(object):
self.clock = hs.get_clock()
self.hs = hs
- self.request_ratelimiter = hs.get_request_ratelimiter()
+ # The rate_hz and burst_count are overridden on a per-user basis
+ self.request_ratelimiter = Ratelimiter(clock=self.clock, rate_hz=0, burst_count=0)
self._rc_message = self.hs.config.rc_message
- # If special admin redaction ratelimiting is disabled, this will be None
- self.admin_redaction_ratelimiter = hs.get_admin_redaction_ratelimiter()
+ # Check whether ratelimiting room admin message redaction is enabled
+ # by the presence of rate limits in the config
+ if self.hs.config.rc_admin_redaction:
+ self.admin_redaction_ratelimiter = Ratelimiter(
+ clock=self.clock,
+ rate_hz=self.hs.config.rc_admin_redaction.per_second,
+ burst_count=self.hs.config.rc_admin_redaction.burst_count,
+ )
+ else:
+ self.admin_redaction_ratelimiter = None
self.server_name = hs.hostname
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index 089c94f8b6..8934911661 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -110,6 +110,7 @@ class AuthHandler(BaseHandler):
# as per `rc_login.failed_attempts`.
# XXX: Should this be hs.get_login_failed_attempts_ratelimiter?
self._failed_uia_attempts_ratelimiter = Ratelimiter(
+ clock=self.clock,
rate_hz=self.hs.config.rc_login_failed_attempts.per_second,
burst_count=self.hs.config.rc_login_failed_attempts.burst_count,
)
@@ -200,9 +201,7 @@ class AuthHandler(BaseHandler):
user_id = requester.user.to_string()
# Check if we should be ratelimited due to too many previous failed attempts
- self._failed_uia_attempts_ratelimiter.ratelimit(
- user_id, time_now_s=self._clock.time(), update=False,
- )
+ self._failed_uia_attempts_ratelimiter.ratelimit(user_id, update=False)
# build a list of supported flows
flows = [[login_type] for login_type in self._supported_ui_auth_types]
@@ -212,10 +211,8 @@ class AuthHandler(BaseHandler):
flows, request, request_body, clientip, description
)
except LoginError:
- # Update the ratelimite to say we failed (`can_do_action` doesn't raise).
- self._failed_uia_attempts_ratelimiter.can_do_action(
- user_id, time_now_s=self._clock.time(), update=True,
- )
+ # Update the ratelimiter to say we failed (`can_do_action` doesn't raise).
+ self._failed_uia_attempts_ratelimiter.can_do_action(user_id)
raise
# find the completed login type
diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py
index ce18b33a63..1b14b9b798 100644
--- a/synapse/handlers/register.py
+++ b/synapse/handlers/register.py
@@ -427,9 +427,7 @@ class RegistrationHandler(BaseHandler):
time_now = self.clock.time()
- self.ratelimiter.ratelimit(
- address, time_now_s=time_now,
- )
+ self.ratelimiter.ratelimit(address)
def register_with_store(
self,
|
