Bump version to 0.0.5

This commit is contained in:
Quantum 2025-07-20 18:43:45 -04:00
parent a308005e90
commit 2c873ba74d
3 changed files with 17 additions and 2 deletions

View file

@ -89,6 +89,9 @@ the client does not support Kerberos. To use this, configure:
There should be one `%s` symbol in this string, which will be replaced by the
username.
You may also choose to exclusively use LDAP without using any Kerberos or GSSAPI
by setting the environment variable `KRBAUTH_DISABLE_GSSAPI=yes`.
### TLS Client Certificate
It's also possible to use client certificates on machines that have them for
@ -110,6 +113,16 @@ ssl_client_certificate /path/to/ca.crt;
ssl_verify_client optional;
```
### Rate limiting
`nginx-krbauth` supports rate limiting. The rate limiting frequency can be
configured by `KRBAUTH_LIMITER_FREQUENCY` environment variable. The default is
`10 / 5 minute`, but you can adjust this as needed.
The rate limiting state is stored in memory. You can use any
[storage mechanism][limits-storage] supported by the `limits` PyPI package.
Remember to install any dependencies!
## Example `nginx.conf`
```nginx
@ -128,3 +141,5 @@ location /krbauth {
include uwsgi_params;
}
```
[limits-storage]: https://limits.readthedocs.io/en/stable/storage.html#storage-scheme

View file

@ -24,7 +24,7 @@ app.url_map.add(Rule('/krbauth', endpoint='krbauth.auth'))
app.url_map.add(Rule('/krbauth/check', endpoint='krbauth.check'))
LIMITER_STORAGE = os.environ.get('KRBAUTH_LIMITER_STORAGE', 'memory://')
LIMITER_FREQUENCY = os.environ.get('KRBAUTH_LIMITER_FREQUENCY', '3/minute')
LIMITER_FREQUENCY = os.environ.get('KRBAUTH_LIMITER_FREQUENCY', '10 / 5 minute')
limiter = Limiter(get_remote_address, app=app, storage_uri=LIMITER_STORAGE)
timestamp = struct.Struct('!q')

View file

@ -7,7 +7,7 @@ with open(os.path.join(os.path.dirname(__file__), 'README.md')) as f:
setup(
name='nginx_krbauth',
version='0.0.4',
version='0.0.5',
py_modules=['nginx_krbauth'],
install_requires=['flask', 'gssapi', 'python-ldap', 'flask-limiter'],