Skip to content

adding rack attack to the api #632

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mankind wants to merge 1 commit into
base: test
Choose a base branch
from
+46 −19
Open

adding rack attack to the api #632

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions Gemfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ gem 'jbuilder', '~> 2.5'
gem 'active-fedora', '>= 11.1.4'

#added by ubiquitypress
gem 'chosen-rails'
gem 'chosen-rails', '~> 1.8.7'

# Use Capistrano for deployment
# gem 'capistrano-rails', group: :development
Expand Down Expand Up @@ -82,7 +82,7 @@ gem 'blacklight_oai_provider', '~> 6.0'
gem 'hyrax', '2.0.2'
gem 'rsolr', '~> 2.0'

gem 'devise'
gem 'devise', '~> 4.3.0'
gem 'devise-guests', '~> 0.3'
gem 'devise-i18n'
gem 'devise_invitable', '~> 1.6'
Expand Down Expand Up @@ -110,7 +110,7 @@ group :aws do
gem 'active_elastic_job', '~> 2.0'
end

gem 'sidekiq'
gem 'sidekiq', '~> 5.0.3'
#added by ubiquitypress
gem "sidekiq-cron", "~> 1.0.4"

Expand All @@ -123,4 +123,5 @@ gem 'mini_magick', '~> 4.8.0'
gem 'httparty', '~> 0.16.3'
#aded by ubiquitypress for caching
# Will install several other gems like redis-rack, redis-actionpack, redis-activesupport, redis-store, redis-store
gem 'redis-rails'
gem 'redis-rails', '~> 5.0.2'
gem "rack-attack", '~> 6.2.1'
11 changes: 7 additions & 4 deletions Gemfile.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -596,6 +596,8 @@ GEM
rdf
raabro (1.1.6)
rack (2.0.3)
rack-attack (6.2.1)
rack (>= 1.0, < 3)
rack-protection (2.0.0)
rack
rack-test (0.7.0)
Expand Down Expand Up @@ -917,13 +919,13 @@ DEPENDENCIES
byebug
capybara
carrierwave-aws
chosen-rails
chosen-rails (~> 1.8.7)
chromedriver-helper
coffee-rails (~> 4.2)
config (~> 1.5, >= 1.5.1)
coveralls
database_cleaner
devise
devise (~> 4.3.0)
devise-guests (~> 0.3)
devise-i18n
devise_invitable (~> 1.6)
Expand All @@ -944,9 +946,10 @@ DEPENDENCIES
mods (~> 2.1)
pg
puma (~> 3.7)
rack-attack (~> 6.2.1)
rails (~> 5.1.1)
rails-controller-testing
redis-rails
redis-rails (~> 5.0.2)
riiif (~> 1.1)
rolify
rsolr (~> 2.0)
Expand All @@ -959,7 +962,7 @@ DEPENDENCIES
secure_headers
selenium-webdriver
sentry-raven
sidekiq
sidekiq (~> 5.0.3)
sidekiq-cron (~> 1.0.4)
simplecov
solr_wrapper (~> 2.0)
Expand Down
3 changes: 3 additions & 0 deletions config/application.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ class Application < Rails::Application
# configuring Nginx on Elastic Beanstalk is a pain.
config.middleware.use Rack::Deflater

#added by ubiquitypress
config.middleware.use Rack::Attack

# The locale is set by a query parameter, so if it's not found render 404
config.action_dispatch.rescue_responses.merge!(
"I18n::InvalidLocale" => :not_found
Expand Down
20 changes: 20 additions & 0 deletions config/initializers/rack_attack.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@

class Rack::Attack

redis_client = Redis::Store.new(:host => ENV['REDIS_CACHE_HOST'],
:port => ENV['REDIS_CACHE_PORT'], :namespace => "hyku-rack-attack-cache", :db => 1)

Rack::Attack.cache.store = redis_client

safelist("safe_host") do |request|
request.env['HTTP_X_UBIQUITY_VALIDATION'] == ENV['UBIQUITY_VALIDATION']
end

blocklist("block_api_access") do |request|
# Requests are blocked if the return value is truthy
if request.path.include?'api/v1'
request.env['HTTP_X_UBIQUITY_VALIDATION'] != ENV['UBIQUITY_VALIDATION']
end
end

end
22 changes: 11 additions & 11 deletions config/initializers/redis.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
if Rails.env == 'production'

$redis_cache = Redis::Store.new(
:host => ENV['REDIS_CACHE_HOST'],
:port => ENV['REDIS_CACHE_PORT'],
:namespace => "hyku-cache",
:db => 0
)

$redis = Redis.new(
:host => ENV['REDIS_HOST'],
:port => ENV['REDIS_PORT']
)
$redis_cache = Redis::Store.new(:host => ENV['REDIS_CACHE_HOST'],
:port => ENV['REDIS_CACHE_PORT'], :namespace => "hyku-cache", :db => 0)

$redis_rack_attack_cache = Redis::Store.new(:host => ENV['REDIS_CACHE_HOST'],
:port => ENV['REDIS_CACHE_PORT'], :namespace => "hyku-rack-attack-cache", :db => 1)

$redis = Redis.new(:host => ENV['REDIS_HOST'], :port => ENV['REDIS_PORT'] )
end


$rack_attack_cache = Redis::Store.new(:host => ENV['REDIS_CACHE_HOST'],
:port => ENV['REDIS_CACHE_PORT'], :namespace => "hyku-rack-attack-cache", :db => 1)