From 8c04893a047f1a3dfcde93b3c580b0d5adc70ef4 Mon Sep 17 00:00:00 2001 From: Robin Ward Date: Wed, 7 Feb 2018 00:31:05 -0500 Subject: [PATCH] FIX: Don't throttle local lookups --- lib/auth/default_current_user_provider.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/auth/default_current_user_provider.rb b/lib/auth/default_current_user_provider.rb index a23f028152e..8c56dc9d5af 100644 --- a/lib/auth/default_current_user_provider.rb +++ b/lib/auth/default_current_user_provider.rb @@ -48,7 +48,7 @@ class Auth::DefaultCurrentUserProvider if auth_token && auth_token.length == 32 limiter = RateLimiter.new(nil, "cookie_auth_#{request.ip}", COOKIE_ATTEMPTS_PER_MIN , 60) - if limiter.can_perform? + if request.ip == "127.0.0.1" || request.ip == "::1" || limiter.can_perform? @user_token = UserAuthToken.lookup(auth_token, seen: true, user_agent: @env['HTTP_USER_AGENT'],