Skip to content

Commit 22757cc

Browse files
mhajdermhajder
committed
Refactor environment variable names for authentication rate limiting
1 parent eb9a6b7 commit 22757cc

File tree

2 files changed

+10
-10
lines changed

2 files changed

+10
-10
lines changed

README.md

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ This project exposes a secure HTTP interface to common devil server operations.
1414

1515
Environment-driven behavior:
1616
- Authentication requires DEVIL_API_KEY set at process start (loaded from the environment or a .env file).
17-
- Optional rate-limiting on authentication failures (per-IP) using DEVIL_AUTH_FAIL_THRESHOLD and DEVIL_AUTH_BLOCK_SECONDS.
17+
- Optional rate-limiting on authentication failures (per-IP) using AUTH_FAIL_THRESHOLD and AUTH_BLOCK_SECONDS.
1818
- Logging level can be controlled via LOG_LEVEL.
1919

2020
## Features
@@ -78,8 +78,8 @@ Set environment variables (in shell or in a .env file):
7878
export DEVIL_API_KEY="your-secret"
7979
# Optional:
8080
export LOG_LEVEL="INFO"
81-
export DEVIL_AUTH_FAIL_THRESHOLD="5"
82-
export DEVIL_AUTH_BLOCK_SECONDS="300"
81+
export AUTH_FAIL_THRESHOLD="5"
82+
export AUTH_BLOCK_SECONDS="300"
8383
```
8484
8585
## Usage
@@ -124,15 +124,15 @@ Notes:
124124
125125
- DEVIL_API_KEY (required): API key required to access all protected endpoints
126126
- LOG_LEVEL (optional): e.g., INFO, DEBUG
127-
- DEVIL_AUTH_FAIL_THRESHOLD (optional, default 5): number of failed attempts before blocking
128-
- DEVIL_AUTH_BLOCK_SECONDS (optional, default 300): block duration in seconds
127+
- AUTH_FAIL_THRESHOLD (optional, default 5): number of failed attempts before blocking
128+
- AUTH_BLOCK_SECONDS (optional, default 300): block duration in seconds
129129
130130
Create a local .env file to load automatically:
131131
```
132132
DEVIL_API_KEY=your-secret
133133
LOG_LEVEL=INFO
134-
DEVIL_AUTH_FAIL_THRESHOLD=5
135-
DEVIL_AUTH_BLOCK_SECONDS=300
134+
AUTH_FAIL_THRESHOLD=5
135+
AUTH_BLOCK_SECONDS=300
136136
```
137137
138138
## Contributing
@@ -141,4 +141,4 @@ Contributions, issues, and feature requests are welcome! Feel free to check the
141141
142142
## License
143143
144-
This project is licensed under the GNU AFFERO GENERAL PUBLIC LICENSE License. See the [LICENSE](LICENSE) file for details.
144+
This project is licensed under the GNU AFFERO GENERAL PUBLIC LICENSE. See the [LICENSE](LICENSE) file for details.

app/auth.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,8 +27,8 @@
2727
BearerScheme = HTTPBearer(auto_error=False)
2828

2929
AUTH_FAILURE_TRACKER: dict[str, dict[str, float | int]] = {}
30-
AUTH_FAIL_THRESHOLD = int(os.getenv("DEVIL_AUTH_FAIL_THRESHOLD", "5"))
31-
AUTH_BLOCK_SECONDS = int(os.getenv("DEVIL_AUTH_BLOCK_SECONDS", "300"))
30+
AUTH_FAIL_THRESHOLD = int(os.getenv("AUTH_FAIL_THRESHOLD", "5"))
31+
AUTH_BLOCK_SECONDS = int(os.getenv("AUTH_BLOCK_SECONDS", "300"))
3232

3333

3434
def _client_ip(request: Request) -> str:

0 commit comments

Comments
 (0)