import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.output.template.Form;
import org.cacert.gigi.output.template.TranslateCommand;
+import org.cacert.gigi.pages.main.RegisterPage;
import org.cacert.gigi.util.AuthorizationContext;
import org.cacert.gigi.util.PasswordHash;
+import org.cacert.gigi.util.RateLimit;
import org.cacert.gigi.util.ServerConstants;
public class LoginPage extends Page {
+ public static final RateLimit RATE_LIMIT = new RateLimit(10, 5 * 60 * 1000);
+
public class LoginForm extends Form {
public LoginForm(HttpServletRequest hsr) {
@Override
public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+ if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {
+ outputError(out, req, "Rate Limit Exceeded");
+ return false;
+ }
tryAuthWithUnpw(req);
return false;
}
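Review bot: The added check in `LoginForm.submit` consults `RegisterPage.RATE_LIMIT` rather than the `LoginPage.RATE_LIMIT` declared a few lines above, so the 10-per-5-minutes login limit is never used in the visible lines and login attempts share the registration limiter (50 per 5 minutes) instead. The condition should read `if (LoginPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {`, after which the new `RegisterPage` import is probably unnecessary. As written, the `LoginPage.RATE_LIMIT.bypass()` call added to the cache-clearing servlet has no effect on the login path either. The limiter is keyed only on the remote address, so it does not bound guesses against a single account from many addresses; a per-account counter is worth considering separately.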
public static final String PATH = "/register";
- // 5 per 5 min
+ // 50 per 5 min
public static final RateLimit RATE_LIMIT = new RateLimit(50, 5 * 60 * 1000);
public RegisterPage() {
@Override
public synchronized boolean submit(PrintWriter out, HttpServletRequest req) {
+ if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {
+ outputError(out, req, "Rate Limit Exceeded");
+ return false;
+ }
+
update(req);
if (buildupName.getLname().trim().equals("")) {
outputError(out, req, "Last name were blank.");
if (isFailed(out)) {
return false;
}
- if (RegisterPage.RATE_LIMIT.isLimitExceeded(req.getRemoteAddr())) {
- outputError(out, req, "Rate Limit Exceeded");
- return false;
- }
try {
run(req, pw1);
} catch (SQLException e) {
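Review bot: The rate-limit check now sits ahead of `update(req)` with no comment explaining the ordering, which matters because submissions that fail validation now pass through the limiter as well. A short comment above the check would record the intent, e.g. `// Check the limit before any validation so rejected submissions are throttled too.` If `isLimitExceeded` also records the attempt (not visible here), a user correcting form errors spends the same budget as successful registrations, which is worth confirming against the 50-per-5-minutes setting. `submit` continues past the end of the hunk.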
private String path = MailOverview.DEFAULT_PATH;
public TestMailManagement() throws IOException {
+ clearCaches(); // and reset rate limits
cookie = login(u.getEmail(), TEST_PASSWORD);
assertTrue(isLoggedin(cookie));
}
@Before
public void setup() throws IOException {
+ clearCaches();
assurerM = createUniqueName() + "@cacert-test.org";
assureeM = createUniqueName() + "@cacert-test.org";
import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.output.template.Template;
import org.cacert.gigi.output.template.TranslateCommand;
+import org.cacert.gigi.pages.LoginPage;
import org.cacert.gigi.pages.Page;
import org.cacert.gigi.pages.account.certs.CertificateRequest;
import org.cacert.gigi.pages.main.RegisterPage;
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
ObjectCache.clearAllCaches();
RegisterPage.RATE_LIMIT.bypass();
+ LoginPage.RATE_LIMIT.bypass();
CertificateRequest.RATE_LIMIT.bypass();
resp.getWriter().println("All caches cleared.");
System.out.println("Caches cleared.");