@@ -4,21 +4,39 @@ module DecidimApp
44 module RackAttack
55 def self . rack_enabled?
66 setting = Rails . application . secrets . dig ( :decidim , :rack_attack , :enabled )
7- return setting == "1" if setting . present?
7+ return setting . to_s == "1" if setting . present?
88
99 Rails . env . production?
1010 end
1111
12- def self . apply_configuration
12+ def self . info!
13+ Rails . logger . info ( "Rack::Attack is enabled: #{ Rack ::Attack . enabled } " )
14+ Rails . logger . info ( "Rack::Attack Fail2ban is enabled: #{ DecidimApp ::RackAttack ::Fail2ban . enabled? } " )
15+ Rack ::Attack . throttles . keys . each do |throttle |
16+ Rails . logger . info ( "Rack::Attack throttling registered: #{ throttle } " )
17+ end
18+ end
19+
20+ def self . enable_rack_attack!
21+ Rails . logger . info ( "Rack::Attack is now enabled" )
1322 Rack ::Attack . enabled = true
23+ end
1424
25+ def self . disable_rack_attack!
26+ Rails . logger . info ( "Rack::Attack is now disabled" )
27+ Rack ::Attack . enabled = false
28+ end
29+
30+ def self . deactivate_decidim_throttling!
1531 # Remove the original throttle from decidim-core
16- # see https://github.com/decidim/decidim/blob/release/0.26 -stable/decidim-core/config/initializers/rack_attack.rb#L19
32+ # see https://github.com/decidim/decidim/blob/release/0.27 -stable/decidim-core/config/initializers/rack_attack.rb#L19
1733 DecidimApp ::RackAttack ::Throttling . deactivate_decidim_throttling! do
1834 Rails . logger . info ( "Deactivating 'requests by ip' from Decidim Core" )
1935 Rack ::Attack . throttles . delete ( "requests by ip" )
2036 end
37+ end
2138
39+ def self . apply_configuration
2240 Rack ::Attack . throttled_response_retry_after_header = true
2341
2442 Rack ::Attack . throttled_responder = lambda do |request |
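Review bot: In `rack_enabled?`, any setting that is present but does not stringify to "1" makes the method return false, so a YAML boolean `true` (whose `to_s` is "true") or a mistyped value reports Rack::Attack as disabled even in production. If this predicate gates whether rate limiting is switched on, which its name suggests but the hunk does not show, it would be safer to accept the usual truthy spellings, e.g. `return %w[1 true].include?(setting.to_s.strip.downcase) if setting.present?`, or at least to log a warning for an unrecognised value. Separately, `disable_rack_attack!` records the switch-off at info level; `Rails.logger.warn("Rack::Attack is now disabled")` would make that event easier to spot when reviewing production logs.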