aiwaf 0.1.7.1__py3-none-any.whl → 0.1.7.2__py3-none-any.whl
Potentially problematic release.
This version of aiwaf might be problematic. Click here for more details.
- aiwaf/middleware.py +13 -13
- {aiwaf-0.1.7.1.dist-info → aiwaf-0.1.7.2.dist-info}/METADATA +1 -1
- {aiwaf-0.1.7.1.dist-info → aiwaf-0.1.7.2.dist-info}/RECORD +6 -6
- {aiwaf-0.1.7.1.dist-info → aiwaf-0.1.7.2.dist-info}/WHEEL +0 -0
- {aiwaf-0.1.7.1.dist-info → aiwaf-0.1.7.2.dist-info}/licenses/LICENSE +0 -0
- {aiwaf-0.1.7.1.dist-info → aiwaf-0.1.7.2.dist-info}/top_level.txt +0 -0
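--- a/aiwaf/middleware.py
+++ b/aiwaf/middleware.py
@@ -101,29 +101,29 @@ class IPAndKeywordBlockMiddleware:
 
 
 class RateLimitMiddleware:
-WINDOW = 10
-MAX
-FLOOD
+WINDOW = 10 # seconds
+MAX = 20 # soft limit
+FLOOD = 40 # hard limit
 
 def __init__(self, get_response):
 self.get_response = get_response
-self.logs = defaultdict(list)
 
 def __call__(self, request):
 if is_exempt_path(request.path):
 return self.get_response(request)
-ip = get_ip(request)
-now = time.time()
-recs = [t for t in self.logs[ip] if now - t < self.WINDOW]
-recs.append(now)
-self.logs[ip] = recs
 
-
-
-
+ip = get_ip(request)
+key = f"ratelimit:{ip}"
+now = time.time()
+timestamps = cache.get(key, [])
+timestamps = [t for t in timestamps if now - t < self.WINDOW]
+timestamps.append(now)
+cache.set(key, timestamps, timeout=self.WINDOW)
+if len(timestamps) > self.FLOOD:
 BlacklistManager.block(ip, "Flood pattern")
 return JsonResponse({"error": "blocked"}, status=403)
-
+if len(timestamps) > self.MAX:
+return JsonResponse({"error": "too_many_requests"}, status=429)
 return self.get_response(request)
 
 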
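Review bot: The new `cache.get` → filter → `append` → `cache.set` sequence in `RateLimitMiddleware.__call__` is a non-atomic read-modify-write, so concurrent requests from one IP handled by different workers can overwrite each other's lists and the count stays below `MAX`/`FLOOD` exactly when the load is highest. An atomic counter per time bucket (`cache.add` followed by `cache.incr`) avoids the lost updates and stores one integer per IP instead of a list that grows with the request rate. The trade-off is a fixed window instead of a sliding one, so a burst straddling a bucket boundary can briefly reach about twice the limit. Whether the limit is global or per process depends on the configured cache backend, which is not visible here and deserves a sentence in the class docstring. The `cache` import sits outside the hunk.

```python
    def __call__(self, request):
        # … unchanged: exempt-path early return …
        ip = get_ip(request)
        # One counter per IP per WINDOW-second bucket; add() is a no-op when the key exists.
        key = f"ratelimit:{ip}:{int(time.time() // self.WINDOW)}"
        cache.add(key, 0, timeout=self.WINDOW)
        try:
            count = cache.incr(key)
        except ValueError:
            # Key expired between add() and incr(); restart the bucket.
            cache.set(key, 1, timeout=self.WINDOW)
            count = 1
        if count > self.FLOOD:
            # … unchanged: BlacklistManager.block + 403 response …
        if count > self.MAX:
            # … unchanged: 429 response, then pass-through to get_response …
```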
@@ -1,7 +1,7 @@
|
|
|
1
1
|
aiwaf/__init__.py,sha256=nQFpJ1YpX48snzLjEQCf8zD2YNh8v0b_kPTrXx8uBYc,46
|
|
2
2
|
aiwaf/apps.py,sha256=nCez-Ptlv2kaEk5HenA8b1pATz1VfhrHP1344gwcY1A,142
|
|
3
3
|
aiwaf/blacklist_manager.py,sha256=sM6uTH7zD6MOPGb0kzqV2aFut2vxKgft_UVeRJr7klw,392
|
|
4
|
-
aiwaf/middleware.py,sha256=
|
|
4
|
+
aiwaf/middleware.py,sha256=50y13kXr_2oL9dymqncJfNhrCiPsLInWP4aVK1f88Ss,7469
|
|
5
5
|
aiwaf/models.py,sha256=8au1umopgCo0lthztTTRrYRJQUM7uX8eAeXgs3z45K4,1282
|
|
6
6
|
aiwaf/storage.py,sha256=bxCILzzvA1-q6nwclRE8WrfoRhe25H4VrsQDf0hl_lY,1903
|
|
7
7
|
aiwaf/trainer.py,sha256=ir5kFTeLQuhMd2h094ct03Wr-rNZsX-mZHwjLx29F54,6422
|
|
@@ -12,8 +12,8 @@ aiwaf/management/commands/detect_and_train.py,sha256=-o-LZ7QZ5GeJPCekryox1DGXKMm
|
|
|
12
12
|
aiwaf/resources/model.pkl,sha256=rCCXH38SJrnaOba2WZrU1LQVzWT34x6bTVkq20XJU-Q,1091129
|
|
13
13
|
aiwaf/template_tags/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
14
14
|
aiwaf/template_tags/aiwaf_tags.py,sha256=1KGqeioYmgKACDUiPkykSqI7DLQ6-Ypy1k00weWj9iY,399
|
|
15
|
-
aiwaf-0.1.7.
|
|
16
|
-
aiwaf-0.1.7.
|
|
17
|
-
aiwaf-0.1.7.
|
|
18
|
-
aiwaf-0.1.7.
|
|
19
|
-
aiwaf-0.1.7.
|
|
15
|
+
aiwaf-0.1.7.2.dist-info/licenses/LICENSE,sha256=Ir8PX4dxgAcdB0wqNPIkw84fzIIRKE75NoUil9RX0QU,1069
|
|
16
|
+
aiwaf-0.1.7.2.dist-info/METADATA,sha256=rlLaEQDZMgt5XHWpyt83q3NVZCxtdfpFPnarFBq_EpE,5790
|
|
17
|
+
aiwaf-0.1.7.2.dist-info/WHEEL,sha256=pxyMxgL8-pra_rKaQ4drOZAegBVuX-G_4nRHjjgWbmo,91
|
|
18
|
+
aiwaf-0.1.7.2.dist-info/top_level.txt,sha256=kU6EyjobT6UPCxuWpI_BvcHDG0I2tMgKaPlWzVxe2xI,6
|
|
19
|
+
aiwaf-0.1.7.2.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|