How to manage this error "Fault: <Fault '429': 'TOO MANY REQUESTS'>"

iehoshia · November 21, 2018, 6:28pm

Hi,

Today some user entered his password incorrectly and now I have this message from client [1]. How to work with this and allow the user login?

[1]
Traceback (most recent call last):
File “tryton/gui/main.py”, line 858, in sig_login
File “tryton/common/common.py”, line 1124, in init
File “tryton/gui/main.py”, line 855, in
File “tryton/rpc.py”, line 72, in login
File “C:/msys32/mingw32/lib/python2.7/xmlrpclib.py”, line 1243, in call
File “tryton/jsonrpc.py”, line 288, in __request

ced · November 21, 2018, 10:28pm

You do not manage. It is a protection against brute force. The user must wait for [session] timeout seconds before being allowed to retry.

fmorato · November 26, 2018, 10:20am

If you must, you can clear the DB table for login attempts.

I’m not sure if it is related, but when I enter wrong password in tryton client, I can see that it sends many requests to the server before notifying that it was wrong credentials. When I correct the credentials it says 429 Too many requests.

ced · November 26, 2018, 11:11am

It must send only two requests:

One with the wrong password which raise an error
A second with just the login name which must raise the new request of the password