fix dep, header ratelimiting

Krocodial · Dec 2, 2019 · 4d729d8cd8eaad02160878e377e5258c4d10c8bf · 4d729d8
1 parent c47e792
commit 4d729d8cd8eaad02160878e377e5258c4d10c8bf
Unified Split

Showing with 3 additions and 4 deletions.

+1 −2 Jenkinsfile

+1 −1 classy/views.py

+1 −1 requirements.txt
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -286,8 +286,7 @@ pipeline {
 
                         openshift.apply(nginx)
 
-                        /*certbot = openshift.process(
-                            readFile(file:"${certbotBC}"))*/
+                        certbot = openshift.process(readFile(file:"${certbotBC}"))
 
                         //openshift.apply(certbot)
 

diff --git a/classy/views.py b/classy/views.py
@@ -619,7 +619,7 @@ def gov_temp(request):
 
 # User is redirected here after authentication is complete via keycloak authentication server with a long, short-lived code. We exchange this code via an out-of-band REST call to the keycloak auth server for an access and refresh token. In the token is a list of permissions the user has, we check and set these via middleware. Once the token is verified we log the user in via a local session and give them a session cookie (they will never see the tokens so no risk of mishandling)
 #@requires_csrf_token
-@ratelimit(key='ip', rate='6/m', method=['GET'], block=True)
+@ratelimit(key='header:x-forwarded-for', rate='6/m', method=['GET'], block=True)
 def login_complete(request):
     try:
         redirect_uri = os.getenv('REDIRECT_URI') +  reverse('classy:login_complete')

diff --git a/requirements.txt b/requirements.txt
@@ -1,6 +1,6 @@
 certifi==2019.3.9
 chardet==3.0.4
-Django>=2.2.4
+Django==2.2.6
 django-background-tasks==1.2.0
 django-ratelimit==2.0.0
 ecdsa>=0.13.3