app_settings: enable login rate limiting by default (#50771)
This commit is contained in:
parent
8a543226bf
commit
2f42606265
|
@ -267,8 +267,8 @@ default_settings = dict(
|
|||
definition='exponential backoff factor duration as seconds until '
|
||||
'next try after a login failure'),
|
||||
A2_LOGIN_EXPONENTIAL_RETRY_TIMEOUT_DURATION=Setting(
|
||||
default=0,
|
||||
definition='exponential backoff base factor duration as secondss '
|
||||
default=1,
|
||||
definition='exponential backoff base factor duration as seconds '
|
||||
'until next try after a login failure'),
|
||||
A2_LOGIN_EXPONENTIAL_RETRY_TIMEOUT_MAX_DURATION=Setting(
|
||||
default=3600,
|
||||
|
|
|
@ -113,6 +113,7 @@ def test_redirect_login_to_homepage(db, app, settings, simple_user, superuser):
|
|||
|
||||
|
||||
def test_exponential_backoff(db, app, settings):
|
||||
settings.A2_LOGIN_EXPONENTIAL_RETRY_TIMEOUT_DURATION = 0
|
||||
response = app.get('/login/')
|
||||
response.form.set('username', '')
|
||||
response.form.set('password', 'zozo')
|
||||
|
|
Loading…
Reference in New Issue