From 9344b77b95decedf5e5db7af99f6af4db2b27ffb Mon Sep 17 00:00:00 2001
From: Fire Demon <firedemon@creature.cafe>
Date: Mon, 7 Sep 2020 19:07:46 -0500
Subject: [SSO, API] Add Matrix auth API
 (https://monsterware.dev/monsterpit/matrix-synapse-rest-password-provider)

---
 config/initializers/rack_attack.rb | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'config/initializers/rack_attack.rb')

diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
index cd29afac5..f11e87b11 100644
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -105,6 +105,10 @@ class Rack::Attack
     req.session[:attempt_user_id] || req.params.dig('user', 'email').presence if req.post? && req.path == '/auth/sign_in'
   end
 
+  throttle('throttle_matrix_auth_attempts/ip', limit: 5, period: 1.minute) do |req|
+    req.remote_ip if req.path == '/_matrix-internal/identity/v1/check_credentials'
+  end
+
   self.throttled_response = lambda do |env|
     now        = Time.now.utc
     match_data = env['rack.attack.match_data']
-- 
cgit