Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
A
Anonymous Ticket Portal
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 19
    • Issues 19
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 0
    • Merge Requests 0
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Metrics
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Package Registry
  • Analytics
    • Analytics
    • CI/CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • The Tor Project
  • TPA
  • Anonymous Ticket Portal
  • Merge Requests
  • !81

Merged
Created Feb 11, 2021 by MariaV@MariaVMaintainer

Rate-Limit Update

  • Overview 0
  • Commits 26
  • Changes 8

Designed to overall security with rate-limiting via Django rate-limit.

  • Added Django-Ratelimit package to requirements.txt.
  • Enabled caching in settings.py
  • Updated sample_env.txt with new required keys.
  • Updated README.md with rate-limit settings needed to run.
  • Updated settings.py to call new rate-limit variables from .env
  • Added two decorators to views.py that take the .env settings via a new callable function to determine rate-limit (one for ip and one for form post method), which also include a custom field, "block_all"--when set to True in .env, will disable those views using decorators.
  • Added custom URL handler to catch Ratelimited 403 exception and render a custom template with response.status_code 403.
  • Added rate_limit template.html
  • Added tests in anonticket/tests.py for rate-limiting, including cache-clearing between tests during tearDown.

All tests passing with 94 percent coverage via python coverage.

Assignee
Assign to
Reviewer
Request review from
None
Milestone
None
Assign milestone
Time tracking
Source branch: rate_limiting