check whitelisted ip when retrieving unauthorized from cache

2022-10-15 01:01:04 +02:00
parent c98e2b2dd6
commit 75a18fb0b8
1 changed files with 11 additions and 7 deletions
--- a/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs
+++ b/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs
@@ -102,9 +102,12 @@ internal class SecretKeyAuthenticationHandler
                {
                    metrics.IncCounter(MetricsAPI.CounterAuthenticationFailures);

+                    logger.LogWarning("Failed authorization from {ip}", ip);
+
                    lock (failedAuthLock)
                    {
-                        logger.LogWarning("Failed authorization from {ip}", ip);
+                        if (!_whitelistedIps.Any(w => ip.Contains(w)))
+                        {
                            if (failedAuthorizations.TryGetValue(ip, out var auth))
                            {
                                auth.IncreaseFailedAttempts();
@@ -114,6 +117,7 @@ internal class SecretKeyAuthenticationHandler
                                failedAuthorizations[ip] = new FailedAuthorization();
                            }
                        }
+                    }

                    return new AuthReply() { Success = false, Uid = new UidMessage() { Uid = string.Empty } };
                }