Commit 8ca71066 authored by Stan Hu's avatar Stan Hu

Merge branch '62756-follow-up-user-info-in-auth-log' into 'master'

Limit user information to RackAttack throttles

See merge request gitlab-org/gitlab-ce!30467
parents 735f360c bcd813c0
...@@ -12,7 +12,7 @@ ActiveSupport::Notifications.subscribe('rack.attack') do |name, start, finish, r ...@@ -12,7 +12,7 @@ ActiveSupport::Notifications.subscribe('rack.attack') do |name, start, finish, r
fullpath: req.fullpath fullpath: req.fullpath
} }
if req.env['rack.attack.matched'] != 'throttle_unauthenticated' if %w(throttle_authenticated_api throttle_authenticated_web).include? req.env['rack.attack.matched']
user_id = req.env['rack.attack.match_discriminator'] user_id = req.env['rack.attack.match_discriminator']
user = User.find_by(id: user_id) user = User.find_by(id: user_id)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment