Increase allowed auth failure attempts, Increase maximum incremental backoff retry interval
parent
f953302c27
commit
c6bfdd45be
|
@ -11,6 +11,8 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release
|
||||||
**Bug fixes + maintenance:**
|
**Bug fixes + maintenance:**
|
||||||
|
|
||||||
* `ntfy sub --poll --from-config` will now include authentication headers from client.yml (if applicable) ([#658](https://github.com/binwiederhier/ntfy/issues/658), thanks to [@wunter8](https://github.com/wunter8))
|
* `ntfy sub --poll --from-config` will now include authentication headers from client.yml (if applicable) ([#658](https://github.com/binwiederhier/ntfy/issues/658), thanks to [@wunter8](https://github.com/wunter8))
|
||||||
|
* Increase allowed auth failure attempts per IP address to 30 (no ticket)
|
||||||
|
* Web app: Increase maximum incremental backoff retry interval to 2 minutes (no ticket)
|
||||||
|
|
||||||
**Documentation:**
|
**Documentation:**
|
||||||
|
|
||||||
|
|
|
@ -49,7 +49,7 @@ const (
|
||||||
DefaultVisitorEmailLimitReplenish = time.Hour
|
DefaultVisitorEmailLimitReplenish = time.Hour
|
||||||
DefaultVisitorAccountCreationLimitBurst = 3
|
DefaultVisitorAccountCreationLimitBurst = 3
|
||||||
DefaultVisitorAccountCreationLimitReplenish = 24 * time.Hour
|
DefaultVisitorAccountCreationLimitReplenish = 24 * time.Hour
|
||||||
DefaultVisitorAuthFailureLimitBurst = 10
|
DefaultVisitorAuthFailureLimitBurst = 30
|
||||||
DefaultVisitorAuthFailureLimitReplenish = time.Minute
|
DefaultVisitorAuthFailureLimitReplenish = time.Minute
|
||||||
DefaultVisitorAttachmentTotalSizeLimit = 100 * 1024 * 1024 // 100 MB
|
DefaultVisitorAttachmentTotalSizeLimit = 100 * 1024 * 1024 // 100 MB
|
||||||
DefaultVisitorAttachmentDailyBandwidthLimit = 500 * 1024 * 1024 // 500 MB
|
DefaultVisitorAttachmentDailyBandwidthLimit = 500 * 1024 * 1024 // 500 MB
|
||||||
|
|
|
@ -796,6 +796,7 @@ func TestServer_Auth_Fail_CannotPublish(t *testing.T) {
|
||||||
|
|
||||||
func TestServer_Auth_Fail_Rate_Limiting(t *testing.T) {
|
func TestServer_Auth_Fail_Rate_Limiting(t *testing.T) {
|
||||||
c := newTestConfigWithAuthFile(t)
|
c := newTestConfigWithAuthFile(t)
|
||||||
|
c.VisitorAuthFailureLimitBurst = 10
|
||||||
s := newTestServer(t, c)
|
s := newTestServer(t, c)
|
||||||
|
|
||||||
for i := 0; i < 10; i++ {
|
for i := 0; i < 10; i++ {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import {basicAuth, bearerAuth, encodeBase64Url, topicShortUrl, topicUrlWs} from "./utils";
|
import {basicAuth, bearerAuth, encodeBase64Url, topicShortUrl, topicUrlWs} from "./utils";
|
||||||
|
|
||||||
const retryBackoffSeconds = [5, 10, 15, 20, 30];
|
const retryBackoffSeconds = [5, 10, 20, 30, 60, 120];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A connection contains a single WebSocket connection for one topic. It handles its connection
|
* A connection contains a single WebSocket connection for one topic. It handles its connection
|
||||||
|
|
Loading…
Reference in New Issue