Commit Graph

24 Commits

Author SHA1 Message Date
David Taylor 6417173082
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00
Osama Sayegh b86127ad12
FEATURE: Apply rate limits per user instead of IP for trusted users (#14706)
Currently, Discourse rate limits all incoming requests by the IP address they
originate from regardless of the user making the request. This can be
frustrating if there are multiple users using Discourse simultaneously while
sharing the same IP address (e.g. employees in an office).

This commit implements a new feature to make Discourse apply rate limits by
user id rather than IP address for users at or higher than the configured trust
level (1 is the default).

For example, let's say a Discourse instance is configured to allow 200 requests
per minute per IP address, and we have 10 users at trust level 4 using
Discourse simultaneously from the same IP address. Before this feature, the 10
users could only make a total of 200 requests per minute before they got rate
limited. But with the new feature, each user is allowed to make 200 requests
per minute because the rate limits are applied on user id rather than the IP
address.

The minimum trust level for applying user-id-based rate limits can be
configured by the `skip_per_ip_rate_limit_trust_level` global setting. The
default is 1, but it can be changed by either adding the
`DISCOURSE_SKIP_PER_IP_RATE_LIMIT_TRUST_LEVEL` environment variable with the
desired value to your `app.yml`, or changing the setting's value in the
`discourse.conf` file.

Requests made with API keys are still rate limited by IP address and the
relevant global settings that control API keys rate limits.

Before this commit, Discourse's auth cookie (`_t`) was simply a 32 characters
string that Discourse used to lookup the current user from the database and the
cookie contained no additional information about the user. However, we had to
change the cookie content in this commit so we could identify the user from the
cookie without making a database query before the rate limits logic and avoid
introducing a bottleneck on busy sites.

Besides the 32 characters auth token, the cookie now includes the user id,
trust level and the cookie's generation date, and we encrypt/sign the cookie to
prevent tampering.

Internal ticket number: t54739.
2021-11-17 23:27:30 +03:00
Bianca Nenciu c4843fc1c1
FEATURE: Allow admins to permanently delete posts and topics (#14406)
Sometimes administrators want to permanently delete posts and topics
from the database. To make sure that this is done for a good reasons,
administrators can do this only after one minute has passed since the
post was deleted or immediately if another administrator does it.
2021-10-13 12:53:23 +03:00
Bianca Nenciu 38af28d58b
FIX: Allow add email to group if user can invite (#13097)
It used to allow adding email addresses to a group even if invites were
disabled for the site. This does not allow user to input email address
if they cannot invite.

The second thing this commit improves is the message that is displayed
to the user when they hit the invite rate limit.
2021-05-21 11:34:17 +03:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Sam Saffron e2bcf55077 DEV: move send => public_send in lib folder
This handles most of the cases in `lib` where we were using send instead
of public_send
2019-05-07 12:25:44 +10:00
Sam Saffron 9be70a22cd DEV: introduce new API to look up dynamic site setting
This removes all uses of both `send` and `public_send` from consumers of
SiteSetting and instead introduces a `get` helper for dynamic lookup

This leads to much cleaner and safer code long term as we are always explicit
to test that a site setting is really there before sending an arbitrary
string to the class

It also removes a couple of risky stubs from the auth provider test
2019-05-07 11:00:30 +10:00
Guo Xiang Tan 630b4570ef Add specs for `RateLimiter::LimitExceeded#description`. 2018-06-19 07:48:03 +08:00
Neil Lalonde 320cd9a19e UX: rate limiter message will say to wait "a few seconds" instead of 0 to 3 seconds 2018-06-18 14:14:47 -04:00
Sam 5a9622163d FIX: regression around rate limiter 2017-12-04 21:44:16 +11:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Arpit Jalan 6633b92d5f FIX: do not raise exception if user not found while rate limiting 2016-04-13 20:08:03 +05:30
Robin Ward 06591022fe FEATURE: Generous badge 2016-03-15 16:08:29 -04:00
Régis Hanol 622d804d46 FEATURE: Add rejection message on rejected IncomingEmail
FIX: Better RateLimit description in rejected IncomingEmail
FEATURE: Send email when hitting a rate limit
2016-03-07 16:56:17 +01:00
Robin Ward 0b4cb5cf0d Add better error messages for rate limits. 2015-09-24 13:52:46 -04:00
Robin Ward 3620c8c85e Move descriptions for rate limiting errors into the exception 2015-09-24 13:52:46 -04:00
Robin Ward dd3953bf19 FIX: Ruby 2.2 has `include` as private 2015-04-21 13:35:00 -04:00
Robin Ward 2713b77e28 FIX: If validations were disabled some rate limits continued to run 2015-04-21 13:16:05 -04:00
Sam bb20f64cb2 use standard error so its easier to catch 2015-03-23 12:20:50 +11:00
Neil Lalonde 4f6d5d9215 FEATURE: add site settings rate_limit_new_user_create_topic and rate_limit_new_user_create_post to have different rate limits for topic and post creation for new users 2014-07-14 16:58:16 -04:00
Sam 96fdf72d5e rails master compatability 2013-12-13 17:04:45 +11:00
Régis Hanol 239cbd2d58 enforce coding convention
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Gosha Arinich cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00