docs: adding annotations for few rate limit keys (#29545)

Abdurrehman
2022-01-07 21:30:03 +05:00
committed by GitHub
parent a5dfbd5795
commit 72b9d0962c


@@ -3228,7 +3228,21 @@ REST_FRAMEWORK = {
},
}
# .. setting_name: REGISTRATION_VALIDATION_RATELIMIT
# .. setting_default: 30/7d
# .. setting_description: Whenver a user tries to register on edx, the data entered during registration
# is validated via RegistrationValidationView.
# It's POST endpoint is rate-limited up to 30 requests per IP Address in a week by default.
# It was introduced because an attacker can guess or brute force a series of names to enumerate valid users.
# .. setting_tickets: https://github.com/edx/edx-platform/pull/24664
REGISTRATION_VALIDATION_RATELIMIT = '30/7d'
# .. setting_name: REGISTRATION_RATELIMIT
# .. setting_default: 60/7d
# .. setting_description: New users are registered on edx via RegistrationView.
# It's POST end-point is rate-limited up to 60 requests per IP Address in a week by default.
# Purpose of this setting is to restrict an attacker from registering numerous fake accounts.
# .. setting_tickets: https://github.com/edx/edx-platform/pull/27060
REGISTRATION_RATELIMIT = '60/7d'
SWAGGER_SETTINGS = {
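Review bot: The new annotation text for REGISTRATION_VALIDATION_RATELIMIT and REGISTRATION_RATELIMIT has wording slips that will carry into any documentation generated from these annotations: `Whenver` should be `Whenever`, and `It's POST endpoint` / `It's POST end-point` should both read `Its POST endpoint`. Both descriptions say the limit is counted per IP address, so a sentence such as `# The client IP is the key, so users behind one shared address share this budget.` would tell operators what to expect, assuming the views key on IP as the text states. The `setting_default` lines repeat the literal assigned just below them, so the two have to be changed together if a default moves.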
@@ -4551,7 +4565,26 @@ COMPLETION_VIDEO_COMPLETE_PERCENTAGE = 0.95
COMPLETION_BY_VIEWING_DELAY_MS = 5000
############### Settings for Django Rate limit #####################
# .. toggle_name: RATELIMIT_ENABLE
# .. toggle_implementation: DjangoSetting
# .. toggle_default: True
# .. toggle_description: When enabled, RATELIMIT_RATE is applied.
# When disabled, RATELIMIT_RATE is not applied.
# .. toggle_use_cases: open_edx
# .. toggle_creation_date: 2018-01-08
# .. toggle_tickets: https://github.com/edx/edx-platform/pull/16951
RATELIMIT_ENABLE = True
# .. setting_name: RATELIMIT_RATE
# .. setting_default: 120/m
# .. setting_description: Due to some reports about attack on /oauth2/access_token/ which took LMS down,
# this setting was introduced to rate-limit all endpoints of AccessTokenView up to
# 120 requests per IP Address in a minute by default.
# .. setting_warning: RATELIMIT_ENABLE flag must also be enabled/set to True to use this RATELIMIT_RATE setting.
# .. setting_use_cases: open_edx
# .. setting_creation_date: 2018-01-08
# .. setting_tickets: https://github.com/edx/edx-platform/pull/16951
RATELIMIT_RATE = '120/m'
##### LOGISTRATION RATE LIMIT SETTINGS #####
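Review bot: The `toggle_description` added for RATELIMIT_ENABLE names only RATELIMIT_RATE, but in django-ratelimit `RATELIMIT_ENABLE` is the library-wide switch. Setting it to False would therefore presumably disable every limit enforced through that library, which may include the registration limits annotated earlier in this commit. If that holds, the description should state the wider effect, for example `# .. toggle_description: When disabled, no django-ratelimit limit is applied, including RATELIMIT_RATE.` The views are not visible from this hunk, so confirm which endpoints are affected before settling the wording.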