From 85141fabcd82cdff5dcb098cf8cdb5fba40f1b4d Mon Sep 17 00:00:00 2001 From: Peter Finlayson Date: Mon, 6 Jan 2020 15:24:12 +0200 Subject: [PATCH] add account create / login throttle parameters to the settings files (cherry picked from commit e70330d81b2c24dddc004ee65e66f4942cb3350b) --- evennia/accounts/accounts.py | 6 ++++-- evennia/settings_default.py | 6 ++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/evennia/accounts/accounts.py b/evennia/accounts/accounts.py index 35fde0ff4e..eace4ebc63 100644 --- a/evennia/accounts/accounts.py +++ b/evennia/accounts/accounts.py @@ -57,8 +57,10 @@ _CMDSET_ACCOUNT = settings.CMDSET_ACCOUNT _MUDINFO_CHANNEL = None # Create throttles for too many account-creations and login attempts -CREATION_THROTTLE = Throttle(limit=2, timeout=10 * 60) -LOGIN_THROTTLE = Throttle(limit=5, timeout=5 * 60) +CREATION_THROTTLE = Throttle(limit=settings.CREATION_THROTTLE_LIMIT, + timeout=settings.CREATION_THROTTLE_TIMEOUT) +LOGIN_THROTTLE = Throttle(limit=settings.LOGIN_THROTTLE_LIMIT, + timeout=settings.LOGIN_THROTTLE_TIMEOUT) class AccountSessionHandler(object): diff --git a/evennia/settings_default.py b/evennia/settings_default.py index 6c4add4d6a..bb6e71b41a 100644 --- a/evennia/settings_default.py +++ b/evennia/settings_default.py @@ -651,6 +651,12 @@ CLIENT_DEFAULT_HEIGHT = 45 # (excluding webclient with separate help popups). If continuous scroll # is preferred, change 'HELP_MORE' to False. EvMORE uses CLIENT_DEFAULT_HEIGHT HELP_MORE = True +# Set rate limits per-IP on account creations and login attempts +CREATION_THROTTLE_LIMIT = 2 +CREATION_THROTTLE_TIMEOUT = 10 * 60 +LOGIN_THROTTLE_LIMIT = 5 +LOGIN_THROTTLE_TIMEOUT = 5 * 60 + ###################################################################### # Guest accounts