Ratelimit 3PID /requestToken API (#9238)

2025-08-02 02:26:07 -04:00 · 2021-01-28 17:39:21 +00:00 · 2021-01-28 17:39:21 +00:00 · 4b73488e81
commit 4b73488e81
parent 54a6afeee3
11 changed files with 159 additions and 14 deletions
--- a/synapse/config/ratelimiting.py
+++ b/synapse/config/ratelimiting.py
@ -24,7 +24,7 @@ class RateLimitConfig:
        defaults={"per_second": 0.17, "burst_count": 3.0},
    ):
        self.per_second = config.get("per_second", defaults["per_second"])
-        self.burst_count = config.get("burst_count", defaults["burst_count"])
+        self.burst_count = int(config.get("burst_count", defaults["burst_count"]))


 class FederationRateLimitConfig:
@ -102,6 +102,11 @@ class RatelimitConfig(Config):
            defaults={"per_second": 0.01, "burst_count": 3},
        )

+        self.rc_3pid_validation = RateLimitConfig(
+            config.get("rc_3pid_validation") or {},
+            defaults={"per_second": 0.003, "burst_count": 5},
+        )
+
    def generate_config_section(self, **kwargs):
        return """\
        ## Ratelimiting ##
@ -131,6 +136,7 @@ class RatelimitConfig(Config):
        #     users are joining rooms the server is already in (this is cheap) vs
        #     "remote" for when users are trying to join rooms not on the server (which
        #     can be more expensive)
+        #   - one for ratelimiting how often a user or IP can attempt to validate a 3PID.
        #
        # The defaults are as shown below.
        #
@ -164,7 +170,10 @@ class RatelimitConfig(Config):
        #  remote:
        #    per_second: 0.01
        #    burst_count: 3
-
+        #
+        #rc_3pid_validation:
+        #  per_second: 0.003
+        #  burst_count: 5

        # Ratelimiting settings for incoming federation
        #