check whitelisted ip when retrieving unauthorized from cache

2022-10-15 01:01:04 +02:00
parent c98e2b2dd6
commit 75a18fb0b8
1 changed files with 11 additions and 7 deletions
--- a/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs
+++ b/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs
@@ -102,16 +102,20 @@ internal class SecretKeyAuthenticationHandler
                {
                    metrics.IncCounter(MetricsAPI.CounterAuthenticationFailures);

+                    logger.LogWarning("Failed authorization from {ip}", ip);
+
                    lock (failedAuthLock)
                    {
-                        logger.LogWarning("Failed authorization from {ip}", ip);
-                        if (failedAuthorizations.TryGetValue(ip, out var auth))
+                        if (!_whitelistedIps.Any(w => ip.Contains(w)))
                        {
-                            auth.IncreaseFailedAttempts();
-                        }
-                        else
-                        {
-                            failedAuthorizations[ip] = new FailedAuthorization();
+                            if (failedAuthorizations.TryGetValue(ip, out var auth))
+                            {
+                                auth.IncreaseFailedAttempts();
+                            }
+                            else
+                            {
+                                failedAuthorizations[ip] = new FailedAuthorization();
+                            }
                        }
                    }