about summary refs log tree commit diff
path: root/config
diff options
context:
space:
mode:
authorFire Demon <firedemon@creature.cafe>2020-09-07 19:07:46 -0500
committerFire Demon <firedemon@creature.cafe>2020-09-08 03:37:23 -0500
commit9344b77b95decedf5e5db7af99f6af4db2b27ffb (patch)
tree4523430aa66a6f50d6237dae5e4aacbd26b138d9 /config
parent57f74d8da4f4906fde07caa6cb05cbb824edcbc4 (diff)
[SSO, API] Add Matrix auth API (https://monsterware.dev/monsterpit/matrix-synapse-rest-password-provider)
Diffstat (limited to 'config')
-rw-r--r--config/initializers/rack_attack.rb4


-rw-r--r--config/routes.rb8


2 files changed, 12 insertions, 0 deletions
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
index cd29afac5..f11e87b11 100644
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -105,6 +105,10 @@ class Rack::Attack
     req.session[:attempt_user_id] || req.params.dig('user', 'email').presence if req.post? && req.path == '/auth/sign_in'
   end
 
+  throttle('throttle_matrix_auth_attempts/ip', limit: 5, period: 1.minute) do |req|
+    req.remote_ip if req.path == '/_matrix-internal/identity/v1/check_credentials'
+  end
+
   self.throttled_response = lambda do |env|
     now        = Time.now.utc
     match_data = env['rack.attack.match_data']
diff --git a/config/routes.rb b/config/routes.rb
index a6b9f6981..33343625c 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -531,6 +531,14 @@ Rails.application.routes.draw do
     end
   end
 
+  namespace :matrix, path: '_matrix-internal' do
+    namespace :identity do
+      namespace :v1 do
+        resource :check_credentials, only: [:create]
+      end
+    end
+  end
+
   get '/web/(*any)', to: 'home#index', as: :web
 
   get '/about',        to: 'about#show'

 

generated by cgit-pink  (git 2.37.1) at 2024-11-21 22:46:59 +0000