Fix the problem of logging in successfully even if rate limiting

Signed-off-by: John Niang <johnniang@fastmail.com>
halo-dev · Jun 20, 2023 · c5ef019 · c5ef019
1 parent 2fd9cbd
commit c5ef019
Showing 1 changed file with 20 additions and 5 deletions.
diff --git a/...c/main/java/run/halo/app/security/authentication/login/UsernamePasswordAuthenticator.java b/...c/main/java/run/halo/app/security/authentication/login/UsernamePasswordAuthenticator.java
@@ -91,7 +91,8 @@ public UsernamePasswordAuthenticator(ServerResponse.Context context,
         this.rateLimiterRegistry = rateLimiterRegistry;
         this.messageSource = messageSource;
 
-        this.authenticationWebFilter = new AuthenticationWebFilter(authenticationManager());
+        this.authenticationWebFilter =
+            new UsernamePasswordAuthenticationWebFilter(authenticationManager());
         configureAuthenticationWebFilter(this.authenticationWebFilter);
     }
 
@@ -179,6 +180,23 @@ private Locale getLocale(ServerWebExchange exchange) {
         return locale == null ? Locale.getDefault() : locale;
     }
 
+    private class UsernamePasswordAuthenticationWebFilter extends AuthenticationWebFilter {
+
+        public UsernamePasswordAuthenticationWebFilter(
+            ReactiveAuthenticationManager authenticationManager) {
+            super(authenticationManager);
+        }
+
+        @Override
+        protected Mono<Void> onAuthenticationSuccess(Authentication authentication,
+            WebFilterExchange webFilterExchange) {
+            return super.onAuthenticationSuccess(authentication, webFilterExchange)
+                .transformDeferred(createIPBasedRateLimiter(webFilterExchange.getExchange()))
+                .onErrorResume(RequestNotPermitted.class,
+                    e -> handleRequestNotPermitted(e, webFilterExchange.getExchange()));
+        }
+    }
+
     public class LoginSuccessHandler implements ServerAuthenticationSuccessHandler {
 
         private final ServerAuthenticationSuccessHandler defaultHandler =
@@ -206,10 +224,7 @@ public Mono<Void> onAuthenticationSuccess(WebFilterExchange webFilterExchange,
                         .bodyValue(principal)
                         .flatMap(serverResponse ->
                             serverResponse.writeTo(exchange, context));
-                })
-                .transformDeferred(createIPBasedRateLimiter(exchange))
-                .onErrorResume(RequestNotPermitted.class,
-                    e -> handleRequestNotPermitted(e, exchange));
+                });
         }
     }