Handle InvalidToken from the captcha #237

Closed
lmacken opened this issue Aug 20, 2015 · 0 comments
Labels
API Issues related to Bodhi's REST API

lmacken commented Aug 20, 2015

Traceback from production:

Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/paste/deploy/config.py", line 291, in __call__
    return self.app(environ, start_response)
  File "/usr/lib/python2.7/site-packages/pyramid/router.py", line 242, in __call__
    response = self.invoke_subrequest(request, use_tweens=True)
  File "/usr/lib/python2.7/site-packages/pyramid/router.py", line 217, in invoke_subrequest
    response = handle_request(request)
  File "/usr/lib/python2.7/site-packages/pyramid/tweens.py", line 46, in excview_tween
    response = view_callable(exc, request)
  File "/usr/lib/python2.7/site-packages/pyramid/config/views.py", line 385, in viewresult_to_response
    result = view(context, request)
  File "/usr/lib/python2.7/site-packages/pyramid/tweens.py", line 21, in excview_tween
    response = handler(request)
  File "/usr/lib/python2.7/site-packages/pyramid_tm/__init__.py", line 82, in tm_tween
    reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/pyramid_tm/__init__.py", line 63, in tm_tween
    response = handler(request)
  File "/usr/lib/python2.7/site-packages/pyramid/router.py", line 163, in handle_request
    response = view_callable(context, request)
  File "/usr/lib/python2.7/site-packages/pyramid/config/views.py", line 355, in rendered_view
    result = view(context, request)
  File "/usr/lib/python2.7/site-packages/pyramid/config/views.py", line 501, in _requestonly_view
    response = view(request)
  File "/usr/lib/python2.7/site-packages/bodhi/captcha.py", line 119, in captcha_image
    plainkey = decrypt(cipherkey, request.registry.settings)
  File "/usr/lib/python2.7/site-packages/bodhi/captcha.py", line 112, in decrypt
    plaintext = engine.decrypt(ciphertext, ttl=int(settings['captcha.ttl']))
  File "/usr/lib64/python2.7/site-packages/cryptography/fernet.py", line 93, in decrypt
    raise InvalidToken
InvalidToken
ralphbean added the API (Issues related to Bodhi's REST API) label Aug 21, 2015
ralphbean added a commit that referenced this issue Aug 26, 2015
The main case here is where we handle HTTPGone.  The vast majority of our
production tracebacks are from here where (somehow) people are loading forms
that generate captchas (which works) and then way later, they are requesting
those same captcha images again (over 300 seconds later.. that's like 5
minutes). I *bet* this is happening if someone has a bodhi update page open,
and then their browser crashes and tries to restore its previous state, or
something like that.

Anyways, this patch adds a catch to that main "captcha is expired"
``InvalidToken`` traceback that is spamming our logs.  It turns it into a 410
Gone status code, which makes sense. While testing it, I tried passing in
garbage which generated a different ``TypeError`` from the base64 module, so I
caught that too.

Fixes #237.
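
Added example (not part of the issue and not Bodhi's code): one way to turn the Fernet failures from the traceback into a 410 while still telling an expired token from a malformed one in the server log. The names CaptchaGone, decrypt_captcha_key, outcome and demo are hypothetical, CaptchaGone stands in for Pyramid's HTTPGone, and the key and tokens are constructed for the demonstration.

```python
import time
from cryptography.fernet import Fernet, InvalidToken

# TypeError is the base64 failure named in the commit message; ValueError is
# an added precaution for other undecodable input (assumption).
BAD_TOKEN = (InvalidToken, TypeError, ValueError)


class CaptchaGone(Exception):
    """Hypothetical stand-in for pyramid.httpexceptions.HTTPGone."""
    status_code = 410

    def __init__(self, reason, age=None):
        super().__init__(reason)
        self.reason, self.age = reason, age  # for the server log only


def decrypt_captcha_key(token, engine, ttl):
    """Return the captcha plaintext or raise CaptchaGone, never a bare 500."""
    try:
        return engine.decrypt(token, ttl=ttl)
    except BAD_TOKEN:
        pass
    # Fernet raises the same InvalidToken for an expired and a forged token.
    # extract_timestamp() verifies the HMAC but ignores the TTL, so it
    # separates the two cases for log triage.
    try:
        issued = engine.extract_timestamp(token)
    except BAD_TOKEN:
        raise CaptchaGone("malformed") from None
    raise CaptchaGone("expired", age=int(time.time()) - issued)


def outcome(token, engine, ttl=300):
    try:
        decrypt_captcha_key(token, engine, ttl)
        return "ok"
    except CaptchaGone as exc:
        return exc.reason


def demo():
    engine = Fernet(Fernet.generate_key())           # constructed key
    samples = {                                      # constructed tokens
        "fresh": engine.encrypt(b"captcha text"),
        "stale": engine.encrypt_at_time(b"captcha text", int(time.time()) - 600),
        "garbage": b"not-a-fernet-token",
    }
    return {name: outcome(tok, engine) for name, tok in samples.items()}


if __name__ == "__main__":
    print(demo())
```

A steady stream of "expired" entries matches the stale-page reload described in the commit message, while "malformed" entries mean the token was never issued by this key and are worth counting separately.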
ralphbean added a commit that referenced this issue Sep 9, 2015