@@ -137,7 +137,7 @@ class RateLimiter:
137137
138138 def __init__ (
139139 self ,
140- key_getter : Optional [ Callable [[Any ], str ]] = None ,
140+ key_getter : Callable [[Any ], str ],
141141 threshold : int = 20 ,
142142 block_time : int = 60 ,
143143 store : Optional [AuthenticationAttemptsStore ] = None ,
@@ -148,10 +148,8 @@ def __init__(
148148 Initialize a RateLimiter instance for brute-force protection.
149149
150150 Args:
151- key_getter: Optional callable that extracts a unique key from the
151+ key_getter: Callable that extracts a unique key from the
152152 authentication context (e.g., client IP address, username).
153- If None, brute-force protection is disabled and a deprecation
154- warning is issued.
155153 threshold: Maximum number of failed authentication attempts allowed
156154 before blocking. Must be a positive integer. Defaults to 20.
157155 block_time: Duration in seconds to block further attempts after
@@ -173,6 +171,8 @@ def __init__(
173171 self ._store = store or SelfCleaningInMemoryAuthenticationAttemptsStore (
174172 max_entry_age = self ._block_time + 5
175173 )
174+ if not key_getter :
175+ raise TypeError ("Missing key_getter" )
176176 self ._key_getter = key_getter
177177 self ._logger = logger or logging .getLogger ("guardpost" )
178178
@@ -182,8 +182,6 @@ def get_context_key(self, context: Any) -> str:
182182 If a key_getter is not configured, rate limiting is disabled and
183183 returns an empty string.
184184 """
185- if not self ._key_getter :
186- return ""
187185 return self ._key_getter (context )
188186
189187 async def validate_authentication_attempt (self , context : Any ) -> None :
0 commit comments