Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
ff7c4e58
Commit
ff7c4e58
authored
Jun 06, 2016
by
Jacob Vosmaer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Remove code duplication in JwtController
parent
07f49626
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
1 addition
and
39 deletions
+1
-39
app/controllers/jwt_controller.rb
app/controllers/jwt_controller.rb
+1
-39
No files found.
app/controllers/jwt_controller.rb
View file @
ff7c4e58
...
...
@@ -42,46 +42,8 @@ class JwtController < ApplicationController
end
def
authenticate_user
(
login
,
password
)
# TODO: this is a copy and paste from grack_auth,
# it should be refactored in the future
user
=
Gitlab
::
Auth
.
find_in_gitlab_or_ldap
(
login
,
password
)
# If the user authenticated successfully, we reset the auth failure count
# from Rack::Attack for that IP. A client may attempt to authenticate
# with a username and blank password first, and only after it receives
# a 401 error does it present a password. Resetting the count prevents
# false positives from occurring.
#
# Otherwise, we let Rack::Attack know there was a failed authentication
# attempt from this IP. This information is stored in the Rails cache
# (Redis) and will be used by the Rack::Attack middleware to decide
# whether to block requests from this IP.
config
=
Gitlab
.
config
.
rack_attack
.
git_basic_auth
if
config
.
enabled
if
user
# A successful login will reset the auth failure count from this IP
Rack
::
Attack
::
Allow2Ban
.
reset
(
request
.
ip
,
config
)
else
banned
=
Rack
::
Attack
::
Allow2Ban
.
filter
(
request
.
ip
,
config
)
do
# Unless the IP is whitelisted, return true so that Allow2Ban
# increments the counter (stored in Rails.cache) for the IP
if
config
.
ip_whitelist
.
include?
(
request
.
ip
)
false
else
true
end
end
if
banned
Rails
.
logger
.
info
"IP
#{
request
.
ip
}
failed to login "
\
"as
#{
login
}
but has been temporarily banned from Git auth"
return
end
end
end
Gitlab
::
Auth
.
rate_limit!
(
request
.
ip
,
success:
user
.
present?
,
login:
login
)
user
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment