# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Plugs.RateLimiter do
end
def call(conn, plug_opts) do
- if disabled?() do
+ if disabled?(conn) do
handle_disabled(conn)
else
action_settings = action_settings(plug_opts)
end
defp handle_disabled(conn) do
- if Config.get(:env) == :prod do
- Logger.warn("Rate limiter is disabled for localhost/socket")
- end
+ Logger.warn(
+ "Rate limiter disabled due to forwarded IP not being found. Please ensure your reverse proxy is providing the X-Forwarded-For header or disable the RemoteIP plug/rate limiter."
+ )
conn
end
end
end
- def disabled? do
- localhost_or_socket =
- Config.get([Pleroma.Web.Endpoint, :http, :ip])
- |> Tuple.to_list()
- |> Enum.join(".")
- |> String.match?(~r/^local|^127.0.0.1/)
-
- remote_ip_disabled = not Config.get([Pleroma.Plugs.RemoteIp, :enabled])
-
- localhost_or_socket and remote_ip_disabled
+ def disabled?(conn) do
+ if Map.has_key?(conn.assigns, :remote_ip_found),
+ do: !conn.assigns.remote_ip_found,
+ else: false
end
+ @inspect_bucket_not_found {:error, :not_found}
+
def inspect_bucket(conn, bucket_name_root, plug_opts) do
with %{name: _} = action_settings <- action_settings(plug_opts) do
action_settings = incorporate_conn_info(action_settings, conn)
case Cachex.get(bucket_name, key_name) do
{:error, :no_cache} ->
- {:err, :not_found}
+ @inspect_bucket_not_found
{:ok, nil} ->
{0, limit}
{value, limit - value}
end
else
- _ -> {:err, :not_found}
+ _ -> @inspect_bucket_not_found
end
end
{:error, value}
{:error, :no_cache} ->
- initialize_buckets(action_settings)
+ initialize_buckets!(action_settings)
check_rate(action_settings)
end
end
|> String.replace_leading(":", "")
end
- defp initialize_buckets(%{name: _name, limits: nil}), do: :ok
+ defp initialize_buckets!(%{name: _name, limits: nil}), do: :ok
+
+ defp initialize_buckets!(%{name: name, limits: limits}) do
+ {:ok, _pid} =
+ LimiterSupervisor.add_or_return_limiter(anon_bucket_name(name), get_scale(:anon, limits))
+
+ {:ok, _pid} =
+ LimiterSupervisor.add_or_return_limiter(user_bucket_name(name), get_scale(:user, limits))
- defp initialize_buckets(%{name: name, limits: limits}) do
- LimiterSupervisor.add_limiter(anon_bucket_name(name), get_scale(:anon, limits))
- LimiterSupervisor.add_limiter(user_bucket_name(name), get_scale(:user, limits))
+ :ok
end
defp attach_identity(base, %{mode: :user, conn_info: conn_info}),