aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php')
-rw-r--r--lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php7
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php b/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php
index 6f84a0c94d0..ffaa0cd19cb 100644
--- a/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php
@@ -40,6 +40,7 @@ use OCP\AppFramework\Http\Response;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Middleware;
use OCP\IRequest;
+use OCP\ISession;
use OCP\IUserSession;
use ReflectionMethod;
@@ -70,6 +71,7 @@ class RateLimitingMiddleware extends Middleware {
protected IUserSession $userSession,
protected ControllerMethodReflector $reflector,
protected Limiter $limiter,
+ protected ISession $session,
) {
}
@@ -81,6 +83,11 @@ class RateLimitingMiddleware extends Middleware {
parent::beforeController($controller, $methodName);
$rateLimitIdentifier = get_class($controller) . '::' . $methodName;
+ if ($this->session->exists('app_api_system')) {
+ // Bypass rate limiting for app_api
+ return;
+ }
+
if ($this->userSession->isLoggedIn()) {
$rateLimit = $this->readLimitFromAnnotationOrAttribute($controller, $methodName, 'UserRateThrottle', UserRateLimit::class);
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-16 17:48:16 +0000