Enable rate limiting of V2 requests

conf/server-base.conf

@@ -30,10 +30,10 @@ location /realtime {
     proxy_request_buffering off;
 }
 
-# At the begining and end of a push/pull, /v1/repositories is hit by the Docker
+# At the begining and end of a push/pull, (/v1/repositories|/v2/auth/) is hit by the Docker
 # client. By rate-limiting just this endpoint, we can avoid accidentally
 # blocking pulls/pushes for images with many layers.
-location /v1/repositories/ {
+location ~ ^/(v1/repositories|v2/auth)/ {
     proxy_buffering off;
 
     proxy_request_buffering off;

endpoints/v2/v2auth.py

@@ -54,6 +54,8 @@ def generate_registry_jwt():
   logger.debug('Scope request: %s', scope_param)
 
   user = get_authenticated_user()
+  if user is None:
+    abort(404)
 
   access = []
   if scope_param is not None: