Skip to content

Rate-Limit Update

MariaV requested to merge rate_limiting into master

Designed to overall security with rate-limiting via Django rate-limit.

  • Added Django-Ratelimit package to requirements.txt.
  • Enabled caching in
  • Updated sample_env.txt with new required keys.
  • Updated with rate-limit settings needed to run.
  • Updated to call new rate-limit variables from .env
  • Added two decorators to that take the .env settings via a new callable function to determine rate-limit (one for ip and one for form post method), which also include a custom field, "block_all"--when set to True in .env, will disable those views using decorators.
  • Added custom URL handler to catch Ratelimited 403 exception and render a custom template with response.status_code 403.
  • Added rate_limit template.html
  • Added tests in anonticket/ for rate-limiting, including cache-clearing between tests during tearDown.

All tests passing with 94 percent coverage via python coverage.

Merge request reports