summary refs log tree commit diff
path: root/synapse/api
diff options
context:
space:
mode:
authorBrendan Abolivier <contact@brendanabolivier.com>2019-03-15 17:46:16 +0000
committerGitHub <noreply@github.com>2019-03-15 17:46:16 +0000
commit899e523d6d92dfbc17dce81eb36f63053e447a97 (patch)
tree5a8e2a7b2638cdc06a6dd4c8736c828c25ba47b9 /synapse/api
parentMerge pull request #4855 from matrix-org/rav/refactor_transaction_queue (diff)
downloadsynapse-899e523d6d92dfbc17dce81eb36f63053e447a97.tar.xz
Add ratelimiting on login (#4821)
Add two ratelimiters on login (per-IP address and per-userID).
Diffstat (limited to 'synapse/api')
-rw-r--r--synapse/api/ratelimiting.py12
1 files changed, 12 insertions, 0 deletions
diff --git a/synapse/api/ratelimiting.py b/synapse/api/ratelimiting.py
index ad68079eeb..296c4a1c17 100644
--- a/synapse/api/ratelimiting.py
+++ b/synapse/api/ratelimiting.py
@@ -14,6 +14,8 @@
 
 import collections
 
+from synapse.api.errors import LimitExceededError
+
 
 class Ratelimiter(object):
     """
@@ -82,3 +84,13 @@ class Ratelimiter(object):
                 break
             else:
                 del self.message_counts[key]
+
+    def ratelimit(self, key, time_now_s, rate_hz, burst_count, update=True):
+        allowed, time_allowed = self.can_do_action(
+            key, time_now_s, rate_hz, burst_count, update
+        )
+
+        if not allowed:
+            raise LimitExceededError(
+                retry_after_ms=int(1000 * (time_allowed - time_now_s)),
+            )