api: add basic rate limiting for sentry endpoint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/api/v2/sentry.py

@@ -4,16 +4,23 @@ from json import loads
 from django.conf import settings
 from django.http.request import HttpRequest
 from django.http.response import HttpResponse
-from django.views.generic.base import View
 from requests import post
 from requests.exceptions import RequestException
+from rest_framework.permissions import AllowAny
+from rest_framework.throttling import AnonRateThrottle, UserRateThrottle
+from rest_framework.views import APIView
 
 from authentik.lib.config import CONFIG
 
 
-class SentryTunnelView(View):
+class SentryTunnelView(APIView):
     """Sentry tunnel, to prevent ad blockers from blocking sentry"""
 
+    serializer_class = None
+    parser_classes = []
+    throttle_classes = [AnonRateThrottle, UserRateThrottle]
+    permission_classes = [AllowAny]
+
     def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
         """Sentry tunnel, to prevent ad blockers from blocking sentry"""
         # Only allow usage of this endpoint when error reporting is enabled

schema.yml

@@ -12402,6 +12402,23 @@ paths:
           $ref: '#/components/schemas/ValidationError'
         '403':
           $ref: '#/components/schemas/GenericError'
+  /api/v2beta/sentry/:
+    post:
+      operationId: sentry_create
+      description: Sentry tunnel, to prevent ad blockers from blocking sentry
+      tags:
+      - sentry
+      security:
+      - authentik: []
+      - cookieAuth: []
+      - {}
+      responses:
+        '200':
+          description: No response body
+        '400':
+          $ref: '#/components/schemas/ValidationError'
+        '403':
+          $ref: '#/components/schemas/GenericError'
   /api/v2beta/sources/all/:
     get:
       operationId: sources_all_list