Add rate-limiting on registration (#4735)

* Rate-limiting for registration * Add unit test for registration rate limiting * Add config parameters for rate limiting on auth endpoints * Doc * Fix doc of rate limiting function Co-Authored-By: babolivier <contact@brendanabolivier.com> * Incorporate review * Fix config parsing * Fix linting errors * Set default config for auth rate limiting * Fix tests * Add changelog * Advance reactor instead of mocked clock * Move parameters to registration specific config and give them more sensible default values * Remove unused config options * Don't mock the rate limiter un MAU tests * Rename _register_with_store into register_with_store * Make CI happy * Remove unused import * Update sample config * Fix ratelimiting test for py2 * Add non-guest test
2025-08-15 21:20:12 -04:00 · 2019-03-05 14:25:33 +00:00 · 2019-03-05 14:25:33 +00:00 · a4c3a361b7
commit a4c3a361b7
parent 3887e0cd80
17 changed files with 186 additions and 54 deletions
--- a/synapse/replication/http/register.py
+++ b/synapse/replication/http/register.py
@ -33,11 +33,12 @@ class ReplicationRegisterServlet(ReplicationEndpoint):
    def __init__(self, hs):
        super(ReplicationRegisterServlet, self).__init__(hs)
        self.store = hs.get_datastore()
+        self.registration_handler = hs.get_registration_handler()

    @staticmethod
    def _serialize_payload(
        user_id, token, password_hash, was_guest, make_guest, appservice_id,
-        create_profile_with_displayname, admin, user_type,
+        create_profile_with_displayname, admin, user_type, address,
    ):
        """
        Args:
@ -56,6 +57,7 @@ class ReplicationRegisterServlet(ReplicationEndpoint):
            admin (boolean): is an admin user?
            user_type (str|None): type of user. One of the values from
                api.constants.UserTypes, or None for a normal user.
+            address (str|None): the IP address used to perform the regitration.
        """
        return {
            "token": token,
@ -66,13 +68,14 @@ class ReplicationRegisterServlet(ReplicationEndpoint):
            "create_profile_with_displayname": create_profile_with_displayname,
            "admin": admin,
            "user_type": user_type,
+            "address": address,
        }

    @defer.inlineCallbacks
    def _handle_request(self, request, user_id):
        content = parse_json_object_from_request(request)

-        yield self.store.register(
+        yield self.registration_handler.register_with_store(
            user_id=user_id,
            token=content["token"],
            password_hash=content["password_hash"],
@ -82,6 +85,7 @@ class ReplicationRegisterServlet(ReplicationEndpoint):
            create_profile_with_displayname=content["create_profile_with_displayname"],
            admin=content["admin"],
            user_type=content["user_type"],
+            address=content["address"]
        )

        defer.returnValue((200, {}))