rate_limiter: Rename authenticate domain to authenticate_by_username.

This prepares for adding authenticate_by_ip_address.

zerver/tests/test_auth_backends.py

@@ -494,7 +494,7 @@ class RateLimitAuthenticationTests(ZulipTestCase):
             request = HttpRequest()
             return attempt_authentication_func(request, username, password)
 
-        add_ratelimit_rule(10, 2, domain='authenticate')
+        add_ratelimit_rule(10, 2, domain='authenticate_by_username')
         with mock.patch.object(RateLimitedAuthenticationByUsername, 'key_fragment', new=_mock_key_fragment):
             try:
                 start_time = time.time()
@@ -523,7 +523,7 @@ class RateLimitAuthenticationTests(ZulipTestCase):
             finally:
                 # Clean up to avoid affecting other tests.
                 clear_history(RateLimitedAuthenticationByUsername(username))
-                remove_ratelimit_rule(10, 2, domain='authenticate')
+                remove_ratelimit_rule(10, 2, domain='authenticate_by_username')
 
     def test_email_auth_backend_user_based_rate_limiting(self) -> None:
         user_profile = self.example_user('hamlet')

zerver/tests/test_settings.py

@@ -209,7 +209,7 @@ class ChangeSettingsTest(ZulipTestCase):
     def test_wrong_old_password_rate_limiter(self) -> None:
         self.login(self.example_email("hamlet"))
         with self.settings(RATE_LIMITING_AUTHENTICATE=True):
-            add_ratelimit_rule(10, 2, domain='authenticate')
+            add_ratelimit_rule(10, 2, domain='authenticate_by_username')
             start_time = time.time()
             with mock.patch('time.time', return_value=start_time):
                 result = self.client_patch(
@@ -246,7 +246,7 @@ class ChangeSettingsTest(ZulipTestCase):
                     ))
                 self.assert_json_success(json_result)
 
-            remove_ratelimit_rule(10, 2, domain='authenticate')
+            remove_ratelimit_rule(10, 2, domain='authenticate_by_username')
 
     @override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.ZulipLDAPAuthBackend',
                                                 'zproject.backends.EmailAuthBackend',

zerver/tests/test_signup.py

@@ -524,7 +524,7 @@ class LoginTest(ZulipTestCase):
     def test_login_bad_password_rate_limiter(self) -> None:
         user_profile = self.example_user("hamlet")
         email = user_profile.email
-        add_ratelimit_rule(10, 2, domain='authenticate')
+        add_ratelimit_rule(10, 2, domain='authenticate_by_username')
 
         start_time = time.time()
         with patch('time.time', return_value=start_time):
@@ -543,7 +543,7 @@ class LoginTest(ZulipTestCase):
             self.login_with_return(email)
             self.assert_logged_in_user_id(user_profile.id)
 
-        remove_ratelimit_rule(10, 2, domain='authenticate')
+        remove_ratelimit_rule(10, 2, domain='authenticate_by_username')
 
     def test_login_nonexist_user(self) -> None:
         result = self.login_with_return("xxx@zulip.com", "xxx")

zproject/backends.py

@@ -169,7 +169,7 @@ def common_get_active_user(email: str, realm: Realm,
     return user_profile
 
 AuthFuncT = TypeVar('AuthFuncT', bound=Callable[..., Optional[UserProfile]])
-rate_limiting_rules = settings.RATE_LIMITING_RULES['authenticate']
+rate_limiting_rules = settings.RATE_LIMITING_RULES['authenticate_by_username']
 
 class RateLimitedAuthenticationByUsername(RateLimitedObject):
     def __init__(self, username: str) -> None:

zproject/settings.py

@@ -357,7 +357,7 @@ RATE_LIMITING_RULES = {
     'api_by_user': [
         (60, 200),  # 200 requests max every minute
     ],
-    'authenticate': [
+    'authenticate_by_username': [
         (1800, 5),  # 5 login attempts within 30 minutes
     ],
     'password_reset_form_by_email': [

zproject/test_settings.py

@@ -222,5 +222,6 @@ SOCIAL_AUTH_SAML_ENABLED_IDPS = {
 
 RATE_LIMITING_RULES = {
     'api_by_user': [],
-    'authenticate': [],
+    'authenticate_by_username': [],
+    'password_reset_form_by_email': [],
 }