From 75a18fb0b8b873d49feae6e5f14808bae17c0d8f Mon Sep 17 00:00:00 2001 From: Stanley Dimant Date: Sat, 15 Oct 2022 01:01:04 +0200 Subject: [PATCH] check whitelisted ip when retrieving unauthorized from cache --- .../SecretKeyAuthenticationHandler.cs | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs b/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs index 01b8f95..e787297 100644 --- a/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs +++ b/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs @@ -102,16 +102,20 @@ internal class SecretKeyAuthenticationHandler { metrics.IncCounter(MetricsAPI.CounterAuthenticationFailures); + logger.LogWarning("Failed authorization from {ip}", ip); + lock (failedAuthLock) { - logger.LogWarning("Failed authorization from {ip}", ip); - if (failedAuthorizations.TryGetValue(ip, out var auth)) + if (!_whitelistedIps.Any(w => ip.Contains(w))) { - auth.IncreaseFailedAttempts(); - } - else - { - failedAuthorizations[ip] = new FailedAuthorization(); + if (failedAuthorizations.TryGetValue(ip, out var auth)) + { + auth.IncreaseFailedAttempts(); + } + else + { + failedAuthorizations[ip] = new FailedAuthorization(); + } } }