Commit 52e903e9 authored by Marin Jankovski's avatar Marin Jankovski Committed by Jacob Vosmaer

Change rack attack example.

parent e328668f
...@@ -8,11 +8,19 @@ paths_to_be_protected = [ ...@@ -8,11 +8,19 @@ paths_to_be_protected = [
"#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session.json", "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session.json",
"#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session", "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session",
"#{Rails.application.config.relative_url_root}/users", "#{Rails.application.config.relative_url_root}/users",
"#{Rails.application.config.relative_url_root}/users/confirmation" "#{Rails.application.config.relative_url_root}/users/confirmation",
"#{Rails.application.config.relative_url_root}/unsubscribes/*"
] ]
paths_to_be_protected.map! { |path| Regexp.new(path) }
unless Rails.env.test? unless Rails.env.test?
Rack::Attack.throttle('protected paths', limit: 10, period: 60.seconds) do |req| Rack::Attack.throttle('protected paths', limit: 10, period: 60.seconds) do |req|
req.ip if paths_to_be_protected.include?(req.path) && req.post? if req.post?
paths_paths_to_be_protected.each do |protected_path|
req.ip if req.path =~ protected_path
end
end
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment