We were doing this in a number of places which meant that some login
code paths incremented the counter multiple times.
It was also applying ratelimiting to UIA endpoints, which was probably
not intentional.
In particular, some custom auth modules were calling
`check_user_exists`, which incremented the counters, meaning that people
would fail to login sometimes.
Fixes a bug where rejected events were persisted with the wrong state group.
Also fixes an occasional internal-server-error when receiving events over
federation which are rejected and (possibly because they are
backwards-extremities) have no prev_group.
Fixes#6289.
* Raise an exception if accessing state for rejected events
Add some sanity checks on accessing state_group etc for
rejected events.
* Skip calculating push actions for rejected events
It didn't actually cause any bugs, because rejected events get filtered out at
various later points, but there's not point in trying to calculate the push
actions for a rejected event.
The intention here is to make it clearer which fields we can expect to be
populated when: notably, that the _event_type etc aren't used for the
synchronous impl of EventContext.
* Add lint dependencies black, flake8 and isort
These are required when running the `lint.sh` dev scripts.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
* Add contributer docs for using the providers linters script
Add also to the pull request template to avoid build failures due
to people not knowing that linters need running.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
* Fix mention of linter errors correction
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Add mention for installing linter dependencies
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Remove linters from python dependencies as per PR review
Signed-off-by: Jason Robinson <jasonr@matrix.org>
The `http_proxy` and `HTTPS_PROXY` env vars can be set to a `host[:port]` value which should point to a proxy.
The address of the proxy should be excluded from IP blacklists such as the `url_preview_ip_range_blacklist`.
The proxy will then be used for
* push
* url previews
* phone-home stats
* recaptcha validation
* CAS auth validation
It will *not* be used for:
* Application Services
* Identity servers
* Outbound federation
* In worker configurations, connections from workers to masters
Fixes#4198.
