Merge pull request #513 from mprihoda/feature/better-ratelimit-error

Return correct status codes from auth rate limiter failure.
2018-09-16 19:58:34 +02:00
parent 4b60ee5361 f5e7751835
commit 313b79538e
1 changed files with 10 additions and 0 deletions
--- a/core/admin/mailu/internal/init.py
+++ b/core/admin/mailu/internal/init.py
@@ -1,3 +1,5 @@
+from flask_limiter import RateLimitExceeded
+
 from mailu import limiter

 import socket
@@ -6,6 +8,14 @@ import flask

 internal = flask.Blueprint('internal', __name__)

+@internal.app_errorhandler(RateLimitExceeded)
+def rate_limit_handler(e):
+    response = flask.Response()
+    response.headers['Auth-Status'] = 'Authentication rate limit from one source exceeded'
+    response.headers['Auth-Error-Code'] = '451 4.3.2'
+    if int(flask.request.headers['Auth-Login-Attempt']) < 10:
+        response.headers['Auth-Wait'] = '3'
+    return response

@limiter.request_filter
 def whitelist_webmail():