rack-attack 5.4.0 → 6.2.0

data/lib/rack/attack/allow2ban.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   class Attack
     class Allow2Ban < Fail2Ban

data/lib/rack/attack/blocklist.rb

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 module Rack
   class Attack
     class Blocklist < Check
-      def initialize(name, block)
+      def initialize(name = nil, &block)
         super
         @type = :blocklist
       end

data/lib/rack/attack/cache.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   class Attack
     class Cache
@@ -27,7 +29,7 @@ module Rack
       end
 
       def write(unprefixed_key, value, expires_in)
-        store.write("#{prefix}:#{unprefixed_key}", value, :expires_in => expires_in)
+        store.write("#{prefix}:#{unprefixed_key}", value, expires_in: expires_in)
       end
 
       def reset_count(unprefixed_key, period)
@@ -52,13 +54,13 @@ module Rack
         enforce_store_presence!
         enforce_store_method_presence!(:increment)
 
-        result = store.increment(key, 1, :expires_in => expires_in)
+        result = store.increment(key, 1, expires_in: expires_in)
 
         # NB: Some stores return nil when incrementing uninitialized values
         if result.nil?
           enforce_store_method_presence!(:write)
 
-          store.write(key, 1, :expires_in => expires_in)
+          store.write(key, 1, expires_in: expires_in)
         end
         result || 1
       end
@@ -71,7 +73,10 @@ module Rack
 
       def enforce_store_method_presence!(method_name)
         if !store.respond_to?(method_name)
-          raise Rack::Attack::MisconfiguredStoreError, "Store needs to respond to ##{method_name}"
+          raise(
+            Rack::Attack::MisconfiguredStoreError,
+            "Configured store #{store.class.name} doesn't respond to ##{method_name} method"
+          )
         end
       end
     end

data/lib/rack/attack/check.rb

@@ -1,9 +1,12 @@
+# frozen_string_literal: true
+
 module Rack
   class Attack
     class Check
       attr_reader :name, :block, :type
-      def initialize(name, options = {}, block)
-        @name, @block = name, block
+      def initialize(name, options = {}, &block)
+        @name = name
+        @block = block
         @type = options.fetch(:type, nil)
       end
 

data/lib/rack/attack/fail2ban.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   class Attack
     class Fail2Ban

data/lib/rack/attack/path_normalizer.rb

@@ -1,22 +1,26 @@
-class Rack::Attack
-  # When using Rack::Attack with a Rails app, developers expect the request path
-  # to be normalized. In particular, trailing slashes are stripped.
-  # (See https://git.io/v0rrR for implementation.)
-  #
-  # Look for an ActionDispatch utility class that Rails folks would expect
-  # to normalize request paths. If unavailable, use a fallback class that
-  # doesn't normalize the path (as a non-Rails rack app developer expects).
+# frozen_string_literal: true
 
-  module FallbackPathNormalizer
-    def self.normalize_path(path)
-      path
+module Rack
+  class Attack
+    # When using Rack::Attack with a Rails app, developers expect the request path
+    # to be normalized. In particular, trailing slashes are stripped.
+    # (See https://git.io/v0rrR for implementation.)
+    #
+    # Look for an ActionDispatch utility class that Rails folks would expect
+    # to normalize request paths. If unavailable, use a fallback class that
+    # doesn't normalize the path (as a non-Rails rack app developer expects).
+
+    module FallbackPathNormalizer
+      def self.normalize_path(path)
+        path
+      end
     end
-  end
 
-  PathNormalizer = if defined?(::ActionDispatch::Journey::Router::Utils)
-                     # For Rails apps
-                     ::ActionDispatch::Journey::Router::Utils
-                   else
-                     FallbackPathNormalizer
-                   end
+    PathNormalizer = if defined?(::ActionDispatch::Journey::Router::Utils)
+                       # For Rails apps
+                       ::ActionDispatch::Journey::Router::Utils
+                     else
+                       FallbackPathNormalizer
+                     end
+  end
 end

data/lib/rack/attack/railtie.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Rack
+  class Attack
+    class Railtie < ::Rails::Railtie
+      initializer 'rack.attack.middleware', after: :load_config_initializers, before: :build_middleware_stack do |app|
+        if Gem::Version.new(::Rails::VERSION::STRING) >= Gem::Version.new("5.1")
+          middlewares = app.config.middleware
+          operations = middlewares.send(:operations) + middlewares.send(:delete_operations)
+
+          use_middleware = operations.none? do |operation|
+            middleware = operation[1]
+            middleware.include?(Rack::Attack)
+          end
+
+          middlewares.use(Rack::Attack) if use_middleware
+        end
+      end
+    end
+  end
+end

data/lib/rack/attack/request.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Rack::Attack::Request is the same as ::Rack::Request by default.
 #
 # This is a safe place to add custom helper methods to the request object

data/lib/rack/attack/safelist.rb

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 module Rack
   class Attack
     class Safelist < Check
-      def initialize(name, block)
+      def initialize(name = nil, &block)
         super
         @type = :safelist
       end

data/lib/rack/attack/store_proxy.rb

@@ -1,32 +1,20 @@
+# frozen_string_literal: true
+
 module Rack
   class Attack
     module StoreProxy
-      PROXIES = [DalliProxy, MemCacheProxy, RedisStoreProxy, RedisProxy, RedisCacheStoreProxy].freeze
-
-      ACTIVE_SUPPORT_WRAPPER_CLASSES = Set.new(['ActiveSupport::Cache::MemCacheStore', 'ActiveSupport::Cache::RedisStore', 'ActiveSupport::Cache::RedisCacheStore']).freeze
-      ACTIVE_SUPPORT_CLIENTS = Set.new(['Redis::Store', 'Dalli::Client', 'MemCache']).freeze
+      PROXIES = [
+        DalliProxy,
+        MemCacheStoreProxy,
+        RedisStoreProxy,
+        RedisProxy,
+        RedisCacheStoreProxy,
+        ActiveSupportRedisStoreProxy
+      ].freeze
 
       def self.build(store)
-        client = unwrap_active_support_stores(store)
-        klass = PROXIES.find { |proxy| proxy.handle?(client) }
-        klass ? klass.new(client) : client
-      end
-
-      def self.unwrap_active_support_stores(store)
-        # ActiveSupport::Cache::RedisStore doesn't expose any way to set an expiry,
-        # so use the raw Redis::Store instead.
-        # We also want to use the underlying Dalli client instead of ::ActiveSupport::Cache::MemCacheStore,
-        # and the MemCache client if using Rails 3.x
-
-        if store.instance_variable_defined?(:@data)
-          client = store.instance_variable_get(:@data)
-        end
-
-        if ACTIVE_SUPPORT_WRAPPER_CLASSES.include?(store.class.to_s) && ACTIVE_SUPPORT_CLIENTS.include?(client.class.to_s)
-          client
-        else
-          store
-        end
+        klass = PROXIES.find { |proxy| proxy.handle?(store) }
+        klass ? klass.new(store) : store
       end
     end
   end

data/lib/rack/attack/store_proxy/active_support_redis_store_proxy.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'delegate'
+
+module Rack
+  class Attack
+    module StoreProxy
+      class ActiveSupportRedisStoreProxy < SimpleDelegator
+        def self.handle?(store)
+          defined?(::Redis) &&
+            defined?(::ActiveSupport::Cache::RedisStore) &&
+            store.is_a?(::ActiveSupport::Cache::RedisStore)
+        end
+
+        def increment(name, amount = 1, options = {})
+          # #increment ignores options[:expires_in].
+          #
+          # So in order to workaround this we use #write (which sets expiration) to initialize
+          # the counter. After that we continue using the original #increment.
+          if options[:expires_in] && !read(name)
+            write(name, amount, options)
+
+            amount
+          else
+            super
+          end
+        end
+
+        def read(name, options = {})
+          super(name, options.merge!(raw: true))
+        end
+
+        def write(name, value, options = {})
+          super(name, value, options.merge!(raw: true))
+        end
+      end
+    end
+  end
+end

data/lib/rack/attack/store_proxy/dalli_proxy.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'delegate'
 
 module Rack
@@ -22,31 +24,35 @@ module Rack
         end
 
         def read(key)
-          with do |client|
-            client.get(key)
+          rescuing do
+            with do |client|
+              client.get(key)
+            end
           end
-        rescue Dalli::DalliError
         end
 
         def write(key, value, options = {})
-          with do |client|
-            client.set(key, value, options.fetch(:expires_in, 0), raw: true)
+          rescuing do
+            with do |client|
+              client.set(key, value, options.fetch(:expires_in, 0), raw: true)
+            end
           end
-        rescue Dalli::DalliError
         end
 
         def increment(key, amount, options = {})
-          with do |client|
-            client.incr(key, amount, options.fetch(:expires_in, 0), amount)
+          rescuing do
+            with do |client|
+              client.incr(key, amount, options.fetch(:expires_in, 0), amount)
+            end
           end
-        rescue Dalli::DalliError
         end
 
         def delete(key)
-          with do |client|
-            client.delete(key)
+          rescuing do
+            with do |client|
+              client.delete(key)
+            end
           end
-        rescue Dalli::DalliError
         end
 
         private
@@ -54,10 +60,18 @@ module Rack
         def stub_with_if_missing
           unless __getobj__.respond_to?(:with)
             class << self
-              def with; yield __getobj__; end
+              def with
+                yield __getobj__
+              end
             end
           end
         end
+
+        def rescuing
+          yield
+        rescue Dalli::DalliError
+          nil
+        end
       end
     end
   end

data/lib/rack/attack/store_proxy/mem_cache_store_proxy.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'delegate'
+
+module Rack
+  class Attack
+    module StoreProxy
+      class MemCacheStoreProxy < SimpleDelegator
+        def self.handle?(store)
+          defined?(::Dalli) &&
+            defined?(::ActiveSupport::Cache::MemCacheStore) &&
+            store.is_a?(::ActiveSupport::Cache::MemCacheStore)
+        end
+
+        def write(name, value, options = {})
+          super(name, value, options.merge!(raw: true))
+        end
+      end
+    end
+  end
+end

data/lib/rack/attack/store_proxy/redis_cache_store_proxy.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'delegate'
 
 module Rack
@@ -5,7 +7,7 @@ module Rack
     module StoreProxy
       class RedisCacheStoreProxy < SimpleDelegator
         def self.handle?(store)
-          defined?(::Redis) && defined?(::ActiveSupport::Cache::RedisCacheStore) && store.is_a?(::ActiveSupport::Cache::RedisCacheStore)
+          store.class.name == "ActiveSupport::Cache::RedisCacheStore"
         end
 
         def increment(name, amount = 1, options = {})
@@ -13,21 +15,33 @@ module Rack
           #
           # So in order to workaround this we use RedisCacheStore#write (which sets expiration) to initialize
           # the counter. After that we continue using the original RedisCacheStore#increment.
-          if options[:expires_in] && !read(name)
-            write(name, amount, options)
+          rescuing do
+            if options[:expires_in] && !read(name)
+              write(name, amount, options)
 
-            amount
-          else
-            super
+              amount
+            else
+              super
+            end
           end
         end
 
-        def read(name, options = {})
-          super(name, options.merge!(raw: true))
+        def read(*_args)
+          rescuing { super }
         end
 
         def write(name, value, options = {})
-          super(name, value, options.merge!(raw: true))
+          rescuing do
+            super(name, value, options.merge!(raw: true))
+          end
+        end
+
+        private
+
+        def rescuing
+          yield
+        rescue Redis::BaseError
+          nil
         end
       end
     end

data/lib/rack/attack/store_proxy/redis_proxy.rb

@@ -19,34 +19,40 @@ module Rack
         end
 
         def read(key)
-          get(key)
-        rescue Redis::BaseError
+          rescuing { get(key) }
         end
 
         def write(key, value, options = {})
           if (expires_in = options[:expires_in])
-            setex(key, expires_in, value)
+            rescuing { setex(key, expires_in, value) }
           else
-            set(key, value)
+            rescuing { set(key, value) }
           end
-        rescue Redis::BaseError
         end
 
         def increment(key, amount, options = {})
           count = nil
 
-          pipelined do
-            count = incrby(key, amount)
-            expire(key, options[:expires_in]) if options[:expires_in]
+          rescuing do
+            pipelined do
+              count = incrby(key, amount)
+              expire(key, options[:expires_in]) if options[:expires_in]
+            end
           end
 
           count.value if count
-        rescue Redis::BaseError
         end
 
         def delete(key, _options = {})
-          del(key)
+          rescuing { del(key) }
+        end
+
+        private
+
+        def rescuing
+          yield
         rescue Redis::BaseError
+          nil
         end
       end
     end