summary refs log tree commit diff
path: root/synapse/api/ratelimiting.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fix room creation being rate limited too aggressively since Synapse v1.69.0. ↵reivilibre2022-10-281-1/+7
| | | | | | | | | | | | | | | | | | | (#14314) * Introduce a test for the old behaviour which we want to restore * Reintroduce the old behaviour in a simpler way * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * Use 1 credit instead of 2 for creating a room: be more lenient than before Notably, the UI in Element Web was still broken after restoring to prior behaviour. After discussion, we agreed that it would be sensible to increase the limit. Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Rename `RateLimitConfig` to `RatelimitSettings` (#13442)Dirk Klimpel2022-08-031-3/+3
|
* Allow rate limiters to passively record actions they cannot limit (#13253)David Robertson2022-07-131-12/+82
| | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Fix a long-standing bug which meant that rate limiting was not restrictive ↵reivilibre2022-06-151-1/+4
| | | | enough in some cases. (#13018)
* Add missing type hints to synapse.api. (#11109)Patrick Cloke2021-10-181-2/+2
| | | | * Convert UserPresenceState to attrs. * Remove args/kwargs from error classes and explicitly pass msg/errorcode.
* Remove the deprecated BaseHandler. (#11005)Patrick Cloke2021-10-081-0/+86
| | | | | | | | The shared ratelimit function was replaced with a dedicated RequestRatelimiter class (accessible from the HomeServer object). Other properties were copied to each sub-class that inherited from BaseHandler.
* Add types to synapse.util. (#10601)reivilibre2021-09-101-4/+4
|
* Use inline type hints in various other places (in `synapse/`) (#10380)Jonathan de Jong2021-07-151-3/+1
|
* Correctly ratelimit invites when creating a room (#9968)Brendan Abolivier2021-05-121-5/+17
| | | | | * Correctly ratelimit invites when creating a room Also allow ratelimiting for more than one action at a time.
* Make RateLimiter class check for ratelimit overrides (#9711)Erik Johnston2021-03-301-45/+55
| | | | | | | This should fix a class of bug where we forget to check if e.g. the appservice shouldn't be ratelimited. We also check the `ratelimit_override` table to check if the user has ratelimiting disabled. That table is really only meant to override the event sender ratelimiting, so we don't use any values from it (as they might not make sense for different rate limits), but we do infer that if ratelimiting is disabled for the user we should disabled all ratelimits. Fixes #9663
* Ratelimit cross-user key sharing requests. (#8957)Patrick Cloke2021-02-191-4/+6
|
* Stop sub-classing object (#8249)Patrick Cloke2020-09-041-1/+1
|
* Do not apply ratelimiting on joins to appservices (#8139)Will Hunt2020-08-211-0/+37
| | | | | | Add new method ratelimiter.can_requester_do_action and ensure that appservices are exempt from being ratelimited. Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Erik Johnston <erik@matrix.org>
* Performance improvements and refactor of Ratelimiter (#7595)Andrew Morgan2020-06-051-35/+118
| | | | | | | | | | While working on https://github.com/matrix-org/synapse/issues/5665 I found myself digging into the `Ratelimiter` class and seeing that it was both: * Rather undocumented, and * causing a *lot* of config checks This PR attempts to refactor and comment the `Ratelimiter` class, as well as encourage config file accesses to only be done at instantiation. Best to be reviewed commit-by-commit.
* Fixup synapse.api to pass mypy (#6733)Erik Johnston2020-01-201-2/+5
|
* Run Black. (#5482)Amber Brown2019-06-201-13/+7
|
* Add ratelimiting on login (#4821)Brendan Abolivier2019-03-151-0/+12
| | | Add two ratelimiters on login (per-IP address and per-userID).
* Add rate-limiting on registration (#4735)Brendan Abolivier2019-03-051-15/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Rate-limiting for registration * Add unit test for registration rate limiting * Add config parameters for rate limiting on auth endpoints * Doc * Fix doc of rate limiting function Co-Authored-By: babolivier <contact@brendanabolivier.com> * Incorporate review * Fix config parsing * Fix linting errors * Set default config for auth rate limiting * Fix tests * Add changelog * Advance reactor instead of mocked clock * Move parameters to registration specific config and give them more sensible default values * Remove unused config options * Don't mock the rate limiter un MAU tests * Rename _register_with_store into register_with_store * Make CI happy * Remove unused import * Update sample config * Fix ratelimiting test for py2 * Add non-guest test
* Port over enough to get some sytests running on Python 3 (#3668)Amber Brown2018-08-201-1/+1
|
* Check whether to ratelimit sooner to avoid workErik Johnston2016-10-191-5/+9
|
* copyrightsMatthew Hodgson2016-01-071-1/+1
|
* Update copyright noticesMark Haines2015-01-061-1/+1
|
* fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org ↵Matthew Hodgson2014-09-031-1/+1
| | | | hasn't been incorporated in time for launch.
* Add copyright notices and fix pyflakes errorsMark Haines2014-09-031-1/+15
|
* Test ratelimiterMark Haines2014-09-021-19/+48
|
* Ratelimiter objectMark Haines2014-09-021-0/+36