request: Store client information using ZulipRequestNotes.

This concludes the HttpRequest migration to eliminate arbitrary attributes (except private ones that are belong to django) attached to the request object during runtime and migrated them to a separate data structure dedicated for the purpose of adding information (so called notes) to a HttpRequest.
2025-11-01 20:44:04 +00:00 · 2021-07-10 00:10:51 +08:00
parent 26875cdf0b
commit c03b9c95ad
20 changed files with 89 additions and 55 deletions
--- a/zproject/backends.py
+++ b/zproject/backends.py
@@ -278,7 +278,9 @@ def rate_limit_auth(auth_func: AuthFuncT, *args: Any, **kwargs: Any) -> Optional

    request = args[1]
    username = kwargs["username"]
-    if not hasattr(request, "client") or not client_is_exempt_from_rate_limiting(request):
+    if get_request_notes(request).client is None or not client_is_exempt_from_rate_limiting(
+        request
+    ):
        # Django cycles through enabled authentication backends until one succeeds,
        # or all of them fail. If multiple backends are tried like this, we only want
        # to execute rate_limit_authentication_* once, on the first attempt: