diff --git a/Gemfile b/Gemfile
index 232089fa04..9a171b5b63 100644
--- a/Gemfile
+++ b/Gemfile
@@ -35,6 +35,7 @@ gem 'htmlentities'
 gem 'onebox'
 gem 'simple_form'
 gem 'will_paginate', '~> 3.0.6'
+gem 'rack-attack'
 group :development, :test do
 gem 'rspec-rails'
@@ -55,6 +56,7 @@ group :development do
 gem 'better_errors'
 gem 'binding_of_caller'
 gem 'rack-mini-profiler'
+ gem 'letter_opener'
 end
 group :production do
diff --git a/Gemfile.lock b/Gemfile.lock
index 1fd718c8e6..adbf3e5377 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -129,6 +129,10 @@ GEM
 railties (>= 4.2.0)
 thor (>= 0.14, < 2.0)
 json (1.8.3)
+ launchy (2.4.3)
+ addressable (~> 2.3)
+ letter_opener (1.4.1)
+ launchy (~> 2.2)
 libv8 (3.16.14.13)
 loofah (2.0.3)
 nokogiri (>= 1.5.9)
@@ -180,6 +184,8 @@ GEM
 rabl (0.12.0)
 activesupport (>= 2.3.14)
 rack (1.6.4)
+ rack-attack (4.4.1)
+ rack
 rack-mini-profiler (0.9.9.2)
 rack (>= 1.2.0)
 rack-test (0.6.3)
@@ -331,6 +337,7 @@ DEPENDENCIES
 http
 jbuilder (~> 2.0)
 jquery-rails
+ letter_opener
 nokogiri
 oj
 onebox
@@ -342,6 +349,7 @@ DEPENDENCIES
 puma
 quiet_assets
 rabl
+ rack-attack
 rack-mini-profiler
 rails (= 4.2.5.1)
 rails_12factor
diff --git a/config/application.rb b/config/application.rb
index e7634854ae..9d8d6022d5 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -33,5 +33,7 @@ module Mastodon
 Doorkeeper::AuthorizedApplicationsController.layout 'dashboard'
 Doorkeeper::AuthorizationsController.layout 'auth'
 end
+
+ config.middleware.use Rack::Attack
 end
 end
diff --git a/config/environments/development.rb b/config/environments/development.rb
index b55e2144b6..76e52312d3 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -38,4 +38,6 @@ Rails.application.configure do
 # Raises error for missing translations
 # config.action_view.raise_on_missing_translations = true
+
+ config.action_mailer.delivery_method = :letter_opener
 end
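Review bot: In the config/application.rb hunk, `config.middleware.use Rack::Attack` turns the middleware on for every environment, but nothing at the call site says where its rules live or that none exist yet. A comment above the line would help, for example `# Request throttling/blocking; rules are defined in config/initializers/rack-attack.rb`. `use` also appends to the end of the middleware stack, so a request that ends up rejected has already passed through the earlier middleware; whether that ordering is intended is worth stating in the same comment. The enclosing `module Mastodon` block begins outside the hunk.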
diff --git a/config/initializers/rack-attack.rb b/config/initializers/rack-attack.rb
new file mode 100644
index 0000000000..fc2b56c875
--- /dev/null
+++ b/config/initializers/rack-attack.rb
@@ -0,0 +1,3 @@
+class Rack::Attack
+ # TODO
+end
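Review bot: The new initializer reopens `Rack::Attack` with only `# TODO`, so although the middleware is mounted in config/application.rb, no throttle or block rule is defined and every request passes through unchanged. Either land a first rule with this commit, e.g. `throttle('req/ip', limit: 300, period: 5.minutes) { |req| req.ip }`, or make the placeholder explicit: `# TODO: no rules yet; Rack::Attack currently allows all requests`. Throttle counters are kept in the configured cache store (Rails.cache unless `Rack::Attack.cache.store` is set), so it is worth confirming that store is shared across app processes before relying on any limit; that configuration is not visible in this diff.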