diff --git a/src/main/java/org/whispersystems/textsecuregcm/configuration/RateLimitsConfiguration.java b/src/main/java/org/whispersystems/textsecuregcm/configuration/RateLimitsConfiguration.java index e78bfd54d..b0cc3dae6 100644 --- a/src/main/java/org/whispersystems/textsecuregcm/configuration/RateLimitsConfiguration.java +++ b/src/main/java/org/whispersystems/textsecuregcm/configuration/RateLimitsConfiguration.java @@ -41,6 +41,20 @@ public class RateLimitsConfiguration { @JsonProperty private RateLimitConfiguration messages = new RateLimitConfiguration(60, 60); + @JsonProperty + private RateLimitConfiguration allocateDevice = new RateLimitConfiguration(2, 1.0 / 2.0); + + @JsonProperty + private RateLimitConfiguration verifyDevice = new RateLimitConfiguration(2, 2); + + public RateLimitConfiguration getAllocateDevice() { + return allocateDevice; + } + + public RateLimitConfiguration getVerifyDevice() { + return verifyDevice; + } + public RateLimitConfiguration getMessages() { return messages; } diff --git a/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java b/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java index 7d5dd4b60..9dddc82b4 100644 --- a/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java +++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java @@ -73,7 +73,7 @@ public class DeviceController { public VerificationCode createDeviceToken(@Auth Account account) throws RateLimitExceededException { - rateLimiters.getVerifyLimiter().validate(account.getNumber()); //TODO: New limiter? + rateLimiters.getAllocateDeviceLimiter().validate(account.getNumber()); VerificationCode verificationCode = generateVerificationCode(); pendingDevices.store(account.getNumber(), verificationCode.getVerificationCode()); @@ -96,7 +96,7 @@ public class DeviceController { String number = header.getNumber(); String password = header.getPassword(); - rateLimiters.getVerifyLimiter().validate(number); //TODO: New limiter? + rateLimiters.getVerifyDeviceLimiter().validate(number); Optional storedVerificationCode = pendingDevices.getCodeForNumber(number); diff --git a/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiters.java b/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiters.java index 04e068970..52bbc3a31 100644 --- a/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiters.java +++ b/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiters.java @@ -31,6 +31,9 @@ public class RateLimiters { private final RateLimiter preKeysLimiter; private final RateLimiter messagesLimiter; + private final RateLimiter allocateDeviceLimiter; + private final RateLimiter verifyDeviceLimiter; + public RateLimiters(RateLimitsConfiguration config, MemcachedClient memcachedClient) { this.smsDestinationLimiter = new RateLimiter(memcachedClient, "smsDestination", config.getSmsDestination().getBucketSize(), @@ -60,6 +63,22 @@ public class RateLimiters { config.getMessages().getBucketSize(), config.getMessages().getLeakRatePerMinute()); + this.allocateDeviceLimiter = new RateLimiter(memcachedClient, "allocateDevice", + config.getAllocateDevice().getBucketSize(), + config.getAllocateDevice().getLeakRatePerMinute()); + + this.verifyDeviceLimiter = new RateLimiter(memcachedClient, "verifyDevice", + config.getVerifyDevice().getBucketSize(), + config.getVerifyDevice().getLeakRatePerMinute()); + + } + + public RateLimiter getAllocateDeviceLimiter() { + return allocateDeviceLimiter; + } + + public RateLimiter getVerifyDeviceLimiter() { + return verifyDeviceLimiter; } public RateLimiter getMessagesLimiter() {