return 401 for login failures (#15432)

* return 401 for login failures

* only set up the rate limiter when configured
Blake Blackshear 2024-12-10 07:42:55 -06:00 committed by GitHub
parent 0b9c4c18dd
commit 6b12a45a95
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 13 additions and 6 deletions


@ -329,7 +329,7 @@ def login(request: Request, body: AppPostLoginBody):
try: try:
db_user: User = User.get_by_id(user) db_user: User = User.get_by_id(user)
except DoesNotExist: except DoesNotExist:
return JSONResponse(content={"message": "Login failed"}, status_code=400) return JSONResponse(content={"message": "Login failed"}, status_code=401)
password_hash = db_user.password_hash password_hash = db_user.password_hash
if verify_password(password, password_hash): if verify_password(password, password_hash):
@ -340,7 +340,7 @@ def login(request: Request, body: AppPostLoginBody):
response, JWT_COOKIE_NAME, encoded_jwt, expiration, JWT_COOKIE_SECURE response, JWT_COOKIE_NAME, encoded_jwt, expiration, JWT_COOKIE_SECURE
) )
return response return response
return JSONResponse(content={"message": "Login failed"}, status_code=400) return JSONResponse(content={"message": "Login failed"}, status_code=401)
@router.get("/users") @router.get("/users")
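Review bot: Both failure paths now return the same 401 body, which removes the status-code difference, but the `except DoesNotExist` branch at the top of the hunk returns before `verify_password` ever runs, so an unknown username is answered measurably faster than a wrong password and the timing difference still tells a caller which usernames exist. Running the verifier against a fixed dummy hash on the not-found path keeps the two responses close in cost; with a module-level constant such as `DUMMY_PASSWORD_HASH` (placeholder name, to be defined next to the other auth constants) the branch becomes `verify_password(password, DUMMY_PASSWORD_HASH)` followed by the existing `return`. The 401 responses also carry no `WWW-Authenticate` header, which RFC 7235 expects on a 401; since the web client treats 401 as a generic login failure this is a compatibility nit rather than a defect. `login()` begins and ends outside the hunk.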


@ -87,7 +87,11 @@ def create_fastapi_app(
logger.info("FastAPI started") logger.info("FastAPI started")
# Rate limiter (used for login endpoint) # Rate limiter (used for login endpoint)
auth.rateLimiter.set_limit(frigate_config.auth.failed_login_rate_limit or "") if frigate_config.auth.failed_login_rate_limit is None:
limiter.enabled = False
else:
auth.rateLimiter.set_limit(frigate_config.auth.failed_login_rate_limit)
app.state.limiter = limiter app.state.limiter = limiter
app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler) app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)
app.add_middleware(SlowAPIMiddleware) app.add_middleware(SlowAPIMiddleware)
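Review bot: The new `is None` test at the top of the hunk is narrower than the `or ""` it replaces: a `failed_login_rate_limit` that is present but empty would no longer disable the limiter and would instead reach `set_limit("")`, and whether the config schema can yield an empty string is not visible here. If it can, `if not frigate_config.auth.failed_login_rate_limit:` covers both the missing and the empty case. Nothing is logged when the limiter is switched off, so an operator reading the startup log cannot tell that failed-login throttling is inactive; a line such as `logger.info("Failed login rate limiting is disabled")` beside `limiter.enabled = False` makes that state visible. `create_fastapi_app` continues outside the hunk.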


@ -29,8 +29,11 @@ export function ApiProvider({ children, options }: ApiProviderType) {
error.response && error.response &&
[401, 302, 307].includes(error.response.status) [401, 302, 307].includes(error.response.status)
) { ) {
window.location.href = // redirect to the login page if not already there
error.response.headers.get("location") ?? "login"; const loginPage = error.response.headers.get("location") ?? "login";
if (window.location.href !== loginPage) {
window.location.href = loginPage;
}
} }
}, },
...options, ...options,
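Review bot: The guard `if (window.location.href !== loginPage)` compares an absolute URL with `loginPage`, which defaults to the relative string `"login"` when the response has no `Location` header, so in that common case the two strings never match and the redirect (and reload) still fires while the user is already on the login page — the loop the new comment says it prevents. Resolving the target first and comparing paths fixes this: `const target = new URL(loginPage, window.location.href);` then `if (window.location.pathname !== target.pathname) {` and `window.location.href = target.href;`. Going through `new URL` also gives one place to require `target.origin === window.location.origin` before assigning, so a `Location` value taken from a response header cannot send the browser off-site. The `onError` handler in `ApiProvider` starts outside the hunk.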


@ -63,7 +63,7 @@ export function UserAuthForm({ className, ...props }: UserAuthFormProps) {
toast.error("Exceeded rate limit. Try again later.", { toast.error("Exceeded rate limit. Try again later.", {
position: "top-center", position: "top-center",
}); });
} else if (err.response?.status === 400) { } else if (err.response?.status === 401) {
toast.error("Login failed", { toast.error("Login failed", {
position: "top-center", position: "top-center",
}); });