This is an automated email from the ASF dual-hosted git repository. rnewson pushed a commit to branch chttpd_auth_lockout in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 490885021bc87c93e0a3d7b1e350fefac7ce2fd4 Author: Robert Newson <rnew...@apache.org> AuthorDate: Tue Sep 10 15:47:54 2024 +0100 rename couch_auth_lockout to chttpd_auth_lockout for consistency --- src/couch/src/couch_auth_lockout.erl | 4 ++-- src/couch/src/couch_primary_sup.erl | 4 ++-- src/docs/src/config/auth.rst | 10 +++++----- test/elixir/test/auth_lockout_test.exs | 18 +++++++++--------- 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/src/couch/src/couch_auth_lockout.erl b/src/couch/src/couch_auth_lockout.erl index 211e59052..5b2e3e51a 100644 --- a/src/couch/src/couch_auth_lockout.erl +++ b/src/couch/src/couch_auth_lockout.erl @@ -61,7 +61,7 @@ lockout(#httpd{} = Req, UserName, UserSalt) -> end. lockout_mode() -> - case config:get("couch_auth_lockout", "mode", "off") of + case config:get("chttpd_auth_lockout", "mode", "off") of "off" -> off; "warn" -> @@ -73,7 +73,7 @@ lockout_mode() -> end. lockout_threshold() -> - config:get_integer("couch_auth_lockout", "threshold", 5). + config:get_integer("chttpd_auth_lockout", "threshold", 5). peer(#httpd{mochi_req = MochiReq}) -> Socket = mochiweb_request:get(socket, MochiReq), diff --git a/src/couch/src/couch_primary_sup.erl b/src/couch/src/couch_primary_sup.erl index be3396328..32ee282d6 100644 --- a/src/couch/src/couch_primary_sup.erl +++ b/src/couch/src/couch_primary_sup.erl @@ -39,9 +39,9 @@ init([]) -> couch_lockout_lru, [ {max_objects, - config:get_integer("couch_auth_lockout", "max_objects", 10_000)}, + config:get_integer("chttpd_auth_lockout", "max_objects", 10_000)}, {max_lifetime, - config:get_integer("couch_auth_lockout", "max_lifetime", 300_000)} + config:get_integer("chttpd_auth_lockout", "max_lifetime", 300_000)} ] ]}, permanent, 5000, worker, [ets_lru]} diff --git a/src/docs/src/config/auth.rst b/src/docs/src/config/auth.rst index 5be83f527..665a4fb74 100644 --- a/src/docs/src/config/auth.rst +++ b/src/docs/src/config/auth.rst @@ -550,7 +550,7 @@ Authentication Configuration That's all, you are done with the migration from ``roles_claim_name`` to ``roles_claim_path`` Easy, isn't it? -.. config:section:: couch_auth_lockout :: Automatic User Lockout +.. config:section:: chttpd_auth_lockout :: Automatic User Lockout .. config:option:: mode :: lockout mode @@ -564,7 +564,7 @@ Authentication Configuration 403 status code if repeated authentication failures occur for a specific user and client IP address. :: - [couch_auth_lockout] + [chttpd_auth_lockout] mode = enforce .. config:option:: threshold :: lockout threshold @@ -574,7 +574,7 @@ Authentication Configuration authentication attempts for the rest of the ``max_lifetime`` period if ``mode`` is set to ``enforce``. :: - [couch_auth_lockout] + [chttpd_auth_lockout] threshold = 5 .. config:option:: max_objects :: maximum number of username, IP pairs to track @@ -583,7 +583,7 @@ Authentication Configuration memory usage. Defaults to ``10,000``. Changes to this setting are only picked up at CouchDB start or restart time. :: - [couch_auth_lockout] + [chttpd_auth_lockout] max_objects = 10000 .. config:option:: max_lifetime :: maximum duration of lockout period @@ -591,5 +591,5 @@ Authentication Configuration The maximum duration of the lockout period, measured in milliseconds. Changes to this setting are only picked up at CouchDB start or restart time. :: - [couch_auth_lockout] + [chttpd_auth_lockout] max_lifetime = 300000 diff --git a/test/elixir/test/auth_lockout_test.exs b/test/elixir/test/auth_lockout_test.exs index 52c7cc676..fc70c25a9 100644 --- a/test/elixir/test/auth_lockout_test.exs +++ b/test/elixir/test/auth_lockout_test.exs @@ -6,7 +6,7 @@ defmodule AuthLockoutTest do @moduletag config: [ { "admins", - "couch_auth_lockout", + "chttpd_auth_lockout", "bar" } ] @@ -14,7 +14,7 @@ defmodule AuthLockoutTest do test "lockout after multiple failed authentications", _context do server_config = [ %{ - :section => "couch_auth_lockout", + :section => "chttpd_auth_lockout", :key => "mode", :value => "enforce" } @@ -22,16 +22,16 @@ defmodule AuthLockoutTest do run_on_modified_server( server_config, - fn -> test_couch_auth_lockout_enforcement() end + fn -> test_chttpd_auth_lockout_enforcement() end ) end - defp test_couch_auth_lockout_enforcement do + defp test_chttpd_auth_lockout_enforcement do # exceed the lockout threshold for _n <- 1..5 do resp = Couch.get("/_all_dbs", no_auth: true, - headers: [authorization: "Basic #{:base64.encode("couch_auth_lockout:baz")}"] + headers: [authorization: "Basic #{:base64.encode("chttpd_auth_lockout:baz")}"] ) assert resp.status_code == 401 end @@ -39,18 +39,18 @@ defmodule AuthLockoutTest do # locked out? resp = Couch.get("/_all_dbs", no_auth: true, - headers: [authorization: "Basic #{:base64.encode("couch_auth_lockout:baz")}"] + headers: [authorization: "Basic #{:base64.encode("chttpd_auth_lockout:baz")}"] ) assert resp.status_code == 403 assert resp.body["reason"] == "Account is temporarily locked due to multiple authentication failures" end - defp test_couch_auth_lockout_warning do + defp test_chttpd_auth_lockout_warning do # exceed the lockout threshold for _n <- 1..5 do resp = Couch.get("/_all_dbs", no_auth: true, - headers: [authorization: "Basic #{:base64.encode("couch_auth_lockout:baz")}"] + headers: [authorization: "Basic #{:base64.encode("chttpd_auth_lockout:baz")}"] ) assert resp.status_code == 401 end @@ -58,7 +58,7 @@ defmodule AuthLockoutTest do # warning? resp = Couch.get("/_all_dbs", no_auth: true, - headers: [authorization: "Basic #{:base64.encode("couch_auth_lockout:baz")}"] + headers: [authorization: "Basic #{:base64.encode("chttpd_auth_lockout:baz")}"] ) end