deepcrayon/lila
deepcrayon/lila
1
0
Fork 0
Code Releases Activity

normalize username before ratelimiting

Browse source
This commit is contained in:
Thibault Duplessis 2018-05-06 21:42:58 +02:00
parent 043d00395f
commit 0f7b806d99
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
modules/user/src/main/PasswordHasher.scala
View file

@ -111,7 +111,7 @@ object PasswordHasher {
def rateLimit[A: Zero](username: String, req: RequestHeader)(run: RateLimit.Charge => Fu[A]): Fu[A] = {
val cost = 1
val ip = HTTPRequest lastRemoteAddress req
rateLimitPerUser(username, cost = cost) {
rateLimitPerUser(User normalize username, cost = cost) {
rateLimitPerIP.chargeable(ip, cost = cost) { charge =>
rateLimitPerUA(~HTTPRequest.userAgent(req), cost = cost, msg = ip.value) {
rateLimitGlobal("-", cost = cost, msg = ip.value) {