diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/initializers/rack_attack.rb | 4 | ||||
| -rw-r--r-- | config/routes.rb | 8 |
2 files changed, 12 insertions, 0 deletions
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb index cd29afac5..f11e87b11 100644 --- a/config/initializers/rack_attack.rb +++ b/config/initializers/rack_attack.rb @@ -105,6 +105,10 @@ class Rack::Attack req.session[:attempt_user_id] || req.params.dig('user', 'email').presence if req.post? && req.path == '/auth/sign_in' end + throttle('throttle_matrix_auth_attempts/ip', limit: 5, period: 1.minute) do |req| + req.remote_ip if req.path == '/_matrix-internal/identity/v1/check_credentials' + end + self.throttled_response = lambda do |env| now = Time.now.utc match_data = env['rack.attack.match_data'] diff --git a/config/routes.rb b/config/routes.rb index a6b9f6981..33343625c 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -531,6 +531,14 @@ Rails.application.routes.draw do end end + namespace :matrix, path: '_matrix-internal' do + namespace :identity do + namespace :v1 do + resource :check_credentials, only: [:create] + end + end + end + get '/web/(*any)', to: 'home#index', as: :web get '/about', to: 'about#show' |