Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fix bad memcache key bug.

The keys that we were generating to store in memcache could contain
characters that memcache doesn't like. Also, the keys we were storing
could be too big for memcache to store.
  • Loading branch information...
commit e3b8e8fd92fa075020a01f67d6f0d98a64e786da 1 parent deab53b
Ramanan Sivaranjan funkaoshi authored
Showing with 14 additions and 2 deletions.
  1. +14 −2 security/auth_throttling/__init__.py
16 security/auth_throttling/__init__.py
View
@@ -1,5 +1,6 @@
# Copyright (c) 2011, SD Elements. See ../LICENSE.txt for details.
+import hashlib
import logging
from math import ceil
import re
@@ -20,6 +21,7 @@
logger = logging.getLogger(__name__)
+
def delay_message(remainder):
"""
A natural-language description of a delay period.
@@ -31,13 +33,21 @@ def delay_message(remainder):
_("1 second") if ceil(remainder) == 1 else
_("%d seconds") % ceil(remainder))
+
def _key(counter_type, counter_name):
- return "security.authentication_throttling.%s:%s" % (counter_type,
- counter_name)
+ """
+ We store a hashed version of the key because what we generate can be
+ too long, and it's possible the POST data we get could contain characters
+ that memcache doesn't like.
+ """
+ k = "security.authentication_throttling.%s:%s" % (counter_type, counter_name)
+ return hashlib.sha1(val).hexdigest()
+
def reset_counters(**counters):
cache.delete_many([_key(*pair) for pair in counters.items()])
+
def increment_counters(**counters):
"""
Each keyword is a counter type (e.g. "username", "ip") and each argument
@@ -51,12 +61,14 @@ def increment_counters(**counters):
existing[key] = (existing.get(key, (0,))[0] + 1, t)
cache.set_many(existing)
+
def attempt_count(attempt_type, id):
"""
Only used by tests.
"""
return cache.get(_key(attempt_type, id), (0,))[0]
+
def register_authentication_attempt(request):
"""
The given request is a login attempt that has already passed through the
Please sign in to comment.
Something went wrong with that request. Please try again.