mirror of
https://github.com/nodemailer/wildduck.git
synced 2024-12-31 04:33:09 +08:00
removed login rate limiting for now
This commit is contained in:
parent
89103122ff
commit
17a936c3e0
2 changed files with 12 additions and 35 deletions
46
imap.js
46
imap.js
|
@ -12,7 +12,6 @@ const ObjectID = require('mongodb').ObjectID;
|
|||
const Indexer = require('./imap-core/lib/indexer/indexer');
|
||||
const imapTools = require('./imap-core/lib/imap-tools');
|
||||
const fs = require('fs');
|
||||
const rateLimiter = require('rolling-rate-limiter');
|
||||
const setupIndexes = require('./indexes.json');
|
||||
const MessageHandler = require('./lib/message-handler');
|
||||
const db = require('./lib/db');
|
||||
|
@ -66,40 +65,27 @@ let messageHandler;
|
|||
server.onAuth = function (login, session, callback) {
|
||||
let username = (login.username || '').toString().trim();
|
||||
|
||||
// rate limit authentication attempts per username/source IP
|
||||
server.loginLimiter(username + ':' + session.remoteAddress, (err, timeLeft) => {
|
||||
db.database.collection('users').findOne({
|
||||
username
|
||||
}, (err, user) => {
|
||||
if (err) {
|
||||
return callback(err);
|
||||
}
|
||||
if (timeLeft) {
|
||||
let err = new Error('Too many logins, try again later');
|
||||
err.response = 'NO';
|
||||
return callback(err);
|
||||
if (!user) {
|
||||
return callback();
|
||||
}
|
||||
|
||||
db.database.collection('users').findOne({
|
||||
username
|
||||
}, (err, user) => {
|
||||
if (err) {
|
||||
return callback(err);
|
||||
}
|
||||
if (!user) {
|
||||
return callback();
|
||||
}
|
||||
if (!bcrypt.compareSync(login.password, user.password)) {
|
||||
return callback();
|
||||
}
|
||||
|
||||
if (!bcrypt.compareSync(login.password, user.password)) {
|
||||
return callback();
|
||||
callback(null, {
|
||||
user: {
|
||||
id: user._id,
|
||||
username
|
||||
}
|
||||
|
||||
callback(null, {
|
||||
user: {
|
||||
id: user._id,
|
||||
username
|
||||
}
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
};
|
||||
|
||||
// LIST "" "*"
|
||||
|
@ -1592,14 +1578,6 @@ module.exports = done => {
|
|||
database: db.database
|
||||
});
|
||||
|
||||
server.loginLimiter = rateLimiter({
|
||||
redis: db.redis,
|
||||
namespace: 'UserLoginLimiter',
|
||||
// allow 100 login attempts per minute
|
||||
interval: 60 * 1000,
|
||||
maxInInterval: 100
|
||||
});
|
||||
|
||||
let started = false;
|
||||
|
||||
server.on('error', err => {
|
||||
|
|
|
@ -35,7 +35,6 @@
|
|||
"redfour": "^1.0.0",
|
||||
"redis": "^2.7.1",
|
||||
"restify": "^4.3.0",
|
||||
"rolling-rate-limiter": "^0.1.5",
|
||||
"smtp-server": "^3.0.1",
|
||||
"toml": "^2.3.2",
|
||||
"utf7": "^1.0.2",
|
||||
|
|
Loading…
Reference in a new issue