Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge pull request #122 from alphagov/timeout-if-authentication-takes…

…-too-long

Timeout request if authentication takes too long
  • Loading branch information...
commit 92e63ad856b736ed623d748bb29e2bdb1c1e5ed5 2 parents fc8d78b + 09c2074
@alext alext authored
View
17 app/controllers/application_controller.rb
@@ -1,3 +1,5 @@
+require 'timeout'
+
class ApplicationController < ActionController::Base
include GDS::SSO::ControllerMethods
@@ -5,6 +7,8 @@ class ApplicationController < ActionController::Base
protect_from_forgery
+ rescue_from Timeout::Error, with: :service_unavailable
+
protected
def exception_notification_for(e)
exception_class_name = e.class.name.demodulize.downcase
@@ -19,6 +23,17 @@ def exception_notification_for(e)
end
def authenticate_support_user!
- $statsd.time("#{::STATSD_PREFIX}.timings.authentication") { authenticate_user! }
+ Timeout::timeout(default_timeout_in_seconds) {
+ $statsd.time("#{::STATSD_PREFIX}.timings.authentication") { authenticate_user! }
+ }
+ end
+
+ def service_unavailable
+ $statsd.increment("#{::STATSD_PREFIX}.authentication_timeout")
+ render nothing: true, status: 503
+ end
+
+ def default_timeout_in_seconds
+ 3
end
end
View
35 test/functional/application_controller_test.rb
@@ -0,0 +1,35 @@
+require 'test_helper'
+
+class TestController < ApplicationController
+ def index
+ raise "should never reach this point because authentication should time out"
+ end
+
+ private
+ def authenticate_user!
+ sleep 1
+ end
+
+ def default_timeout_in_seconds
+ 0.5
+ end
+end
+
+class ApplicationControllerTest < ActionController::TestCase
+ setup do
+ @controller = TestController.new
+
+ Rails.application.routes.draw do
+ match 'index' => "test#index"
+ end
+ end
+
+ teardown do
+ Rails.application.reload_routes!
+ end
+
+ should "acknowledge a valid request" do
+ get :index
+ assert_response 503
+ end
+end
Please sign in to comment.
Something went wrong with that request. Please try again.