Commit d21e2d6b authored by ale's avatar ale

Bypass ratelimit/blacklists if key is empty

parent eeb17c2f
......@@ -288,7 +288,11 @@ func (r *authRatelimiter) AllowIncr(user *backend.User, req *auth.Request) bool
if r.shouldBypass(user, req) {
return true
}
return r.rl.AllowIncr(r.key(user, req))
key := r.key(user, req)
if key == "" { // An empty key bypasses the rate limit.
return true
}
return r.rl.AllowIncr(key)
}
// Request-oriented blacklist with configurable keys.
......@@ -314,7 +318,11 @@ func (b *authBlacklist) Allow(user *backend.User, req *auth.Request) bool {
if b.shouldBypass(user, req) {
return true
}
return b.bl.Allow(b.key(user, req))
key := b.key(user, req)
if key == "" { // An empty key bypasses the blacklist.
return true
}
return b.bl.Allow(key)
}
func (b *authBlacklist) Incr(user *backend.User, req *auth.Request, resp *auth.Response) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment