vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Enable rate limiting of V2 requests

Browse source
This commit is contained in:
Joseph Schorr 2015-08-25 14:18:34 -04:00
parent df4ab8565c
commit 31fdb94436
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
conf/server-base.conf
View file

@ -30,10 +30,10 @@ location /realtime {
proxy_request_buffering off; proxy_request_buffering off;
} }
# At the begining and end of a push/pull, /v1/repositories is hit by the Docker # At the begining and end of a push/pull, (/v1/repositories|/v2/auth/) is hit by the Docker
# client. By rate-limiting just this endpoint, we can avoid accidentally # client. By rate-limiting just this endpoint, we can avoid accidentally
# blocking pulls/pushes for images with many layers. # blocking pulls/pushes for images with many layers.
location /v1/repositories/ { location ~ ^/(v1/repositories|v2/auth)/ {
proxy_buffering off; proxy_buffering off;
proxy_request_buffering off; proxy_request_buffering off;

2
endpoints/v2/v2auth.py
View file

@ -54,6 +54,8 @@ def generate_registry_jwt():
logger.debug('Scope request: %s', scope_param) logger.debug('Scope request: %s', scope_param)
user = get_authenticated_user() user = get_authenticated_user()
if user is None:
abort(404)
access = [] access = []
if scope_param is not None: if scope_param is not None: