Skip to content
Permalink
Browse files

fix dep, header ratelimiting

  • Loading branch information
Krocodial
Krocodial committed Dec 2, 2019
1 parent c47e792 commit 4d729d8cd8eaad02160878e377e5258c4d10c8bf
Showing with 3 additions and 4 deletions.
  1. +1 −2 Jenkinsfile
  2. +1 −1 classy/views.py
  3. +1 −1 requirements.txt
@@ -286,8 +286,7 @@ pipeline {

openshift.apply(nginx)

/*certbot = openshift.process(
readFile(file:"${certbotBC}"))*/
certbot = openshift.process(readFile(file:"${certbotBC}"))

//openshift.apply(certbot)

@@ -619,7 +619,7 @@ def gov_temp(request):

# User is redirected here after authentication is complete via keycloak authentication server with a long, short-lived code. We exchange this code via an out-of-band REST call to the keycloak auth server for an access and refresh token. In the token is a list of permissions the user has, we check and set these via middleware. Once the token is verified we log the user in via a local session and give them a session cookie (they will never see the tokens so no risk of mishandling)
#@requires_csrf_token
@ratelimit(key='ip', rate='6/m', method=['GET'], block=True)
@ratelimit(key='header:x-forwarded-for', rate='6/m', method=['GET'], block=True)
def login_complete(request):
try:
redirect_uri = os.getenv('REDIRECT_URI') + reverse('classy:login_complete')
@@ -1,6 +1,6 @@
certifi==2019.3.9
chardet==3.0.4
Django>=2.2.4
Django==2.2.6
django-background-tasks==1.2.0
django-ratelimit==2.0.0
ecdsa>=0.13.3

0 comments on commit 4d729d8

Please sign in to comment.
You can’t perform that action at this time.