From d866223069250d1e73d8b1f0e007f82e7cfb6673 Mon Sep 17 00:00:00 2001 From: Stanley Dimant Date: Sun, 2 Oct 2022 16:57:31 +0200 Subject: [PATCH] add whitelisted ips to secret key auth handler --- .../SecretKeyAuthenticationHandler.cs | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs b/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs index c20e18b..34f26b9 100644 --- a/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs +++ b/MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs @@ -25,6 +25,7 @@ public class SecretKeyAuthenticationHandler private readonly object failedAuthLock = new(); private readonly int _failedAttemptsForTempBan; private readonly int _tempBanMinutes; + private List _whitelistedIps = new(); public void ClearUnauthorizedUsers() { @@ -136,14 +137,18 @@ public class SecretKeyAuthenticationHandler logger.LogWarning("Failed authorization from {ip}", ip); lock (failedAuthLock) { - if (failedAuthorizations.TryGetValue(ip, out var auth)) + if (!_whitelistedIps.Any(w => ip.Contains(w))) { - auth.IncreaseFailedAttempts(); - } - else - { - failedAuthorizations[ip] = new FailedAuthorization(); + if (failedAuthorizations.TryGetValue(ip, out var auth)) + { + auth.IncreaseFailedAttempts(); + } + else + { + failedAuthorizations[ip] = new FailedAuthorization(); + } } + } metrics.IncCounter(MetricsAPI.CounterAuthenticationFailures); @@ -168,5 +173,6 @@ public class SecretKeyAuthenticationHandler var config = configuration.GetRequiredSection("MareSynchronos"); _failedAttemptsForTempBan = config.GetValue("FailedAuthForTempBan", 5); _tempBanMinutes = config.GetValue("TempBanDurationInMinutes", 30); + _whitelistedIps = config.GetValue>("WhitelistedIps", new List()); } } \ No newline at end of file