policies/reputation: handle cache error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-07-13 18:47:32 +02:00
parent 7dfc621ae4
commit 84e9748340
2 changed files with 50 additions and 5 deletions

View file

@ -21,12 +21,15 @@ def update_score(request: HttpRequest, username: str, amount: int):
"""Update score for IP and User"""
remote_ip = get_client_ip(request)
# We only update the cache here, as its faster than writing to the DB
cache.get_or_set(CACHE_KEY_IP_PREFIX + remote_ip, 0, CACHE_TIMEOUT)
cache.incr(CACHE_KEY_IP_PREFIX + remote_ip, amount)
try:
# We only update the cache here, as its faster than writing to the DB
cache.get_or_set(CACHE_KEY_IP_PREFIX + remote_ip, 0, CACHE_TIMEOUT)
cache.incr(CACHE_KEY_IP_PREFIX + remote_ip, amount)
cache.get_or_set(CACHE_KEY_USER_PREFIX + username, 0, CACHE_TIMEOUT)
cache.incr(CACHE_KEY_USER_PREFIX + username, amount)
cache.get_or_set(CACHE_KEY_USER_PREFIX + username, 0, CACHE_TIMEOUT)
cache.incr(CACHE_KEY_USER_PREFIX + username, amount)
except ValueError as exc:
LOGGER.warning("failed to set reputation", exc=exc)
LOGGER.debug("Updated score", amount=amount, for_user=username, for_ip=remote_ip)

View file

@ -0,0 +1,42 @@
---
title: Release 2021.7
slug: "2021.7"
---
## Headline Changes
- TLS Support for LDAP Providers
You can now configure certificates for your LDAP Providers, meaning that all communication will be done encrypted.
- Add bundeled docs
You can now browse the authentik docs for your version by browsing to `/help`. This means you don't have to rely on an
internet connection to check the logs, and you also have the correct logs for your currently running version.
## Minor changes
- Fix LDAP outpost not parsing arrays from user and group attributes correctly
- Fix LDAP outpost missing a `member` field on groups with all member DNs
- Allow configuration of Redis port
- Tunnel Sentry requests through authentik to prevent them being blocked by ad-blockers
- core: fix error when setting icon/background to url longer than 100 chars
- events: fix error when slack notification request failed without a response
- flows: allow variable substitution in flow titles
- providers/oauth2: allow blank redirect_uris to allow any redirect_uri
- providers/saml: fix parsing of POST bindings
- root: set samesite to None for SAML POST flows
- root: subclass SessionMiddleware to set Secure and SameSite flag depending on context
- web: fix error when showing error message of request
## Upgrading
This release does not introduce any new requirements.
### docker-compose
Download the docker-compose file for 2021.7 from [here](https://raw.githubusercontent.com/goauthentik/authentik/version-2021.7/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.
### Kubernetes
Upgrade to the latest chart version to get the new images.