Open madfordmac opened 1 month ago
It seems that Redis will not give you the value when a key expires. This StackOverflow question has a method for doing this kind of operation at the cost of an additional key in the Redis database, but we don't really store that many keys.
Background
When we add an IP to redis, we set an expiry time. That expiry serves two purposes:
We listen for expiry events from redis to un-ban an IP, but we receive those events for IPs that only tried once or twice and never got banned as well.
Issue
Currently, we log an attempt to unban an IP that's not in the list of blocked IPs as a warning. But that's really only valid as a warning if they had been banned. Maybe it's an info-level alert that their count was reset??
Possible resolutions
Of these, I'd prefer the first as I'd rather not keep separate state.