Numeric ID checker now checks @0, don't ratelimit on checking
This commit is contained in:
parent
807ec3bd99
commit
b33c4f7a82
|
@ -168,6 +168,7 @@ class RegistrationHandler(BaseHandler):
|
||||||
Raises:
|
Raises:
|
||||||
RegistrationError if there was a problem registering.
|
RegistrationError if there was a problem registering.
|
||||||
"""
|
"""
|
||||||
|
yield self._check_registration_ratelimit(address)
|
||||||
|
|
||||||
yield self.auth.check_auth_blocking(threepid=threepid)
|
yield self.auth.check_auth_blocking(threepid=threepid)
|
||||||
password_hash = None
|
password_hash = None
|
||||||
|
@ -414,6 +415,30 @@ class RegistrationHandler(BaseHandler):
|
||||||
ratelimit=False,
|
ratelimit=False,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def _check_registration_ratelimit(self, address):
|
||||||
|
"""A simple helper method to check whether the registration rate limit has been hit
|
||||||
|
for a given IP address
|
||||||
|
|
||||||
|
Args:
|
||||||
|
address (str): the IP address used to perform the registration.
|
||||||
|
|
||||||
|
Raises:
|
||||||
|
LimitExceededError: If the rate limit has been exceeded.
|
||||||
|
"""
|
||||||
|
time_now = self.clock.time()
|
||||||
|
|
||||||
|
allowed, time_allowed = self.ratelimiter.can_do_action(
|
||||||
|
address,
|
||||||
|
time_now_s=time_now,
|
||||||
|
rate_hz=self.hs.config.rc_registration.per_second,
|
||||||
|
burst_count=self.hs.config.rc_registration.burst_count,
|
||||||
|
)
|
||||||
|
|
||||||
|
if not allowed:
|
||||||
|
raise LimitExceededError(
|
||||||
|
retry_after_ms=int(1000 * (time_allowed - time_now))
|
||||||
|
)
|
||||||
|
|
||||||
def register_with_store(
|
def register_with_store(
|
||||||
self,
|
self,
|
||||||
user_id,
|
user_id,
|
||||||
|
@ -446,22 +471,6 @@ class RegistrationHandler(BaseHandler):
|
||||||
Returns:
|
Returns:
|
||||||
Deferred
|
Deferred
|
||||||
"""
|
"""
|
||||||
# Don't rate limit for app services
|
|
||||||
if appservice_id is None and address is not None:
|
|
||||||
time_now = self.clock.time()
|
|
||||||
|
|
||||||
allowed, time_allowed = self.ratelimiter.can_do_action(
|
|
||||||
address,
|
|
||||||
time_now_s=time_now,
|
|
||||||
rate_hz=self.hs.config.rc_registration.per_second,
|
|
||||||
burst_count=self.hs.config.rc_registration.burst_count,
|
|
||||||
)
|
|
||||||
|
|
||||||
if not allowed:
|
|
||||||
raise LimitExceededError(
|
|
||||||
retry_after_ms=int(1000 * (time_allowed - time_now))
|
|
||||||
)
|
|
||||||
|
|
||||||
if self.hs.config.worker_app:
|
if self.hs.config.worker_app:
|
||||||
return self._register_client(
|
return self._register_client(
|
||||||
user_id=user_id,
|
user_id=user_id,
|
||||||
|
|
|
@ -488,14 +488,14 @@ class RegistrationWorkerStore(SQLBaseStore):
|
||||||
we can. Unfortunately, it's possible some of them are already taken by
|
we can. Unfortunately, it's possible some of them are already taken by
|
||||||
existing users, and there may be gaps in the already taken range. This
|
existing users, and there may be gaps in the already taken range. This
|
||||||
function returns the start of the first allocatable gap. This is to
|
function returns the start of the first allocatable gap. This is to
|
||||||
avoid the case of ID 10000000 being pre-allocated, so us wasting the
|
avoid the case of ID 1000 being pre-allocated and starting at 1001 while
|
||||||
first (and shortest) many generated user IDs.
|
0-999 are available.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def _find_next_generated_user_id(txn):
|
def _find_next_generated_user_id(txn):
|
||||||
# We bound between '@1' and '@a' to avoid pulling the entire table
|
# We bound between '@0' and '@a' to avoid pulling the entire table
|
||||||
# out.
|
# out.
|
||||||
txn.execute("SELECT name FROM users WHERE '@1' <= name AND name < '@a'")
|
txn.execute("SELECT name FROM users WHERE '@0' <= name AND name < '@a'")
|
||||||
|
|
||||||
regex = re.compile(r"^@(\d+):")
|
regex = re.compile(r"^@(\d+):")
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue