From 84e97483404c4895891b0049c04e460a81bd7672 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 13 Jul 2021 18:47:32 +0200 Subject: [PATCH] policies/reputation: handle cache error Signed-off-by: Jens Langhammer --- authentik/policies/reputation/signals.py | 13 +++++--- website/docs/releases/v2021.7.md | 42 ++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 5 deletions(-) create mode 100644 website/docs/releases/v2021.7.md diff --git a/authentik/policies/reputation/signals.py b/authentik/policies/reputation/signals.py index 361490c96..c02670a9c 100644 --- a/authentik/policies/reputation/signals.py +++ b/authentik/policies/reputation/signals.py @@ -21,12 +21,15 @@ def update_score(request: HttpRequest, username: str, amount: int): """Update score for IP and User""" remote_ip = get_client_ip(request) - # We only update the cache here, as its faster than writing to the DB - cache.get_or_set(CACHE_KEY_IP_PREFIX + remote_ip, 0, CACHE_TIMEOUT) - cache.incr(CACHE_KEY_IP_PREFIX + remote_ip, amount) + try: + # We only update the cache here, as its faster than writing to the DB + cache.get_or_set(CACHE_KEY_IP_PREFIX + remote_ip, 0, CACHE_TIMEOUT) + cache.incr(CACHE_KEY_IP_PREFIX + remote_ip, amount) - cache.get_or_set(CACHE_KEY_USER_PREFIX + username, 0, CACHE_TIMEOUT) - cache.incr(CACHE_KEY_USER_PREFIX + username, amount) + cache.get_or_set(CACHE_KEY_USER_PREFIX + username, 0, CACHE_TIMEOUT) + cache.incr(CACHE_KEY_USER_PREFIX + username, amount) + except ValueError as exc: + LOGGER.warning("failed to set reputation", exc=exc) LOGGER.debug("Updated score", amount=amount, for_user=username, for_ip=remote_ip) diff --git a/website/docs/releases/v2021.7.md b/website/docs/releases/v2021.7.md new file mode 100644 index 000000000..1c0583cab --- /dev/null +++ b/website/docs/releases/v2021.7.md @@ -0,0 +1,42 @@ +--- +title: Release 2021.7 +slug: "2021.7" +--- + +## Headline Changes + +- TLS Support for LDAP Providers + + You can now configure certificates for your LDAP Providers, meaning that all communication will be done encrypted. + +- Add bundeled docs + + You can now browse the authentik docs for your version by browsing to `/help`. This means you don't have to rely on an + internet connection to check the logs, and you also have the correct logs for your currently running version. + +## Minor changes + +- Fix LDAP outpost not parsing arrays from user and group attributes correctly +- Fix LDAP outpost missing a `member` field on groups with all member DNs +- Allow configuration of Redis port +- Tunnel Sentry requests through authentik to prevent them being blocked by ad-blockers +- core: fix error when setting icon/background to url longer than 100 chars +- events: fix error when slack notification request failed without a response +- flows: allow variable substitution in flow titles +- providers/oauth2: allow blank redirect_uris to allow any redirect_uri +- providers/saml: fix parsing of POST bindings +- root: set samesite to None for SAML POST flows +- root: subclass SessionMiddleware to set Secure and SameSite flag depending on context +- web: fix error when showing error message of request + +## Upgrading + +This release does not introduce any new requirements. + +### docker-compose + +Download the docker-compose file for 2021.7 from [here](https://raw.githubusercontent.com/goauthentik/authentik/version-2021.7/docker-compose.yml). Afterwards, simply run `docker-compose up -d`. + +### Kubernetes + +Upgrade to the latest chart version to get the new images.