Add ratelimiting on login (#4821)

Add two ratelimiters on login (per-IP address and per-userID).
author: Brendan Abolivier <contact@brendanabolivier.com> 2019-03-15 17:46:16 +0000
committer: GitHub <noreply@github.com> 2019-03-15 17:46:16 +0000
commit: 899e523d6d92dfbc17dce81eb36f63053e447a97 (patch)
tree: 5a8e2a7b2638cdc06a6dd4c8736c828c25ba47b9 /synapse/api
parent: Merge pull request #4855 from matrix-org/rav/refactor_transaction_queue (diff)
download: synapse-899e523d6d92dfbc17dce81eb36f63053e447a97.tar.xz
1 files changed, 12 insertions, 0 deletions
diff --git a/synapse/api/ratelimiting.py b/synapse/api/ratelimiting.py
index ad68079eeb..296c4a1c17 100644
--- a/synapse/api/ratelimiting.py
+++ b/synapse/api/ratelimiting.py
@@ -14,6 +14,8 @@
 
 import collections
 
+from synapse.api.errors import LimitExceededError
+
 
 class Ratelimiter(object):
     """
@@ -82,3 +84,13 @@ class Ratelimiter(object):
                 break
             else:
                 del self.message_counts[key]
+
+    def ratelimit(self, key, time_now_s, rate_hz, burst_count, update=True):
+        allowed, time_allowed = self.can_do_action(
+            key, time_now_s, rate_hz, burst_count, update
+        )
+
+        if not allowed:
+            raise LimitExceededError(
+                retry_after_ms=int(1000 * (time_allowed - time_now_s)),
+            )
author	Brendan Abolivier <contact@brendanabolivier.com>	2019-03-15 17:46:16 +0000
committer	GitHub <noreply@github.com>	2019-03-15 17:46:16 +0000
commit	899e523d6d92dfbc17dce81eb36f63053e447a97 (patch)
tree	5a8e2a7b2638cdc06a6dd4c8736c828c25ba47b9 /synapse/api
parent	Merge pull request #4855 from matrix-org/rav/refactor_transaction_queue (diff)
download	synapse-899e523d6d92dfbc17dce81eb36f63053e447a97.tar.xz