[customs] RetryAfter not decreasing #16957

Closed
enote-kane opened this issue May 15, 2024 · 2 comments
@enote-kane
Contributor

enote-kane commented May 15, 2024

Description

After getting blocked, the RetryAfter as returned by fxa-customs-server and used to form the response header does not increase over time, which is bad for clients.

Steps to reproduce

  1. execute a bad login attempt:
    curl -s 'http://localhost:7000/failedLoginAttempt' -X POST -H 'content-type: application/json' --data-binary '{"action": "accountLogin", "ip": "...", "email": "...", "errno": 125}'
  2. check the status of the user activity:
    curl -s 'http://localhost:7000/check' -X POST -H 'content-type: application/json' --data-binary '{"action": "accountLogin", "ip": "...", "email": "..."}' | jq '.'
  3. repeat 1. + 2. until the /check route returns that the user is blocked, e.g.:
    {
      "block": true,
      "retryAfter": 900,
      "unblock": true,
      "suspect": false,
      "blockReason": "other"
    }
  4. wait a few seconds
  5. execute another /check

Expected result

After the activity has been blocked, I'd expect the returned retryAfter to decrease, so that a client can tell the user how much longer to wait until the block is removed.

Actual result

The /check response always contains the initially reported number, even if the block is removed the next second.

Environment

Not applicable


@clouserw
Member

Is the block actually removed the next second? I assumed it was reset every time you tried if it was already blocked.

@vpomerleau
Contributor

The observed behaviour is expected for this endpoint. Repeated attempts on this endpoint increase/reset the ban period.
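
A simplified model of the two behaviours discussed in this thread, as an added example and not fxa-customs-server code: one limiter restarts the block window on every check made while blocked, the other keeps a fixed expiry and counts down. `Limiter`, `MAX_FAILURES`, `pollAfterBlock` and the sample key are hypothetical; 900 seconds is the value shown in the issue.

```javascript
// Simplified model of a login rate limiter (added example, not fxa-customs-server code).
// MAX_FAILURES is a hypothetical threshold; BLOCK_SECONDS is the 900 seen in the issue.
const MAX_FAILURES = 3;
const BLOCK_SECONDS = 900;

class Limiter {
  // resetOnCheck = true: each check while blocked restarts the block window.
  // resetOnCheck = false: the block expires at a fixed time set when it began.
  constructor(resetOnCheck, now) {
    this.resetOnCheck = resetOnCheck;
    this.now = now; // injected clock returning seconds
    this.records = new Map(); // key -> { failures, blockedUntil }
  }

  record(key) {
    if (!this.records.has(key)) this.records.set(key, { failures: 0, blockedUntil: 0 });
    return this.records.get(key);
  }

  failedLoginAttempt(key) {
    const rec = this.record(key);
    rec.failures += 1;
    if (rec.failures >= MAX_FAILURES) rec.blockedUntil = this.now() + BLOCK_SECONDS;
  }

  check(key) {
    const rec = this.record(key);
    const t = this.now();
    if (rec.blockedUntil <= t) {
      if (rec.blockedUntil > 0) this.records.delete(key); // expired block: start fresh
      return { block: false, retryAfter: 0 };
    }
    if (this.resetOnCheck) rec.blockedUntil = t + BLOCK_SECONDS;
    return { block: true, retryAfter: Math.ceil(rec.blockedUntil - t) };
  }
}

// Constructed scenario: trigger a block, then poll check() every stepSeconds.
function pollAfterBlock(resetOnCheck, polls = 3, stepSeconds = 10) {
  let clock = 0;
  const limiter = new Limiter(resetOnCheck, () => clock);
  const key = 'user@example.test'; // constructed sample key
  for (let i = 0; i < MAX_FAILURES; i++) limiter.failedLoginAttempt(key);
  const seen = [];
  for (let i = 0; i < polls; i++, clock += stepSeconds) seen.push(limiter.check(key).retryAfter);
  return seen;
}

console.log('reset on check:', pollAfterBlock(true));
console.log('fixed expiry:  ', pollAfterBlock(false));
```

In this model a client that polls every 10 seconds under the reset policy is still blocked after 2000 seconds, while under the fixed-expiry policy the block clears at 900 seconds.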
