Newer versions of the redis go libraries include built-in support for
compression of values going to and from redis. Since the controller
is extremely chatty and makes heavy use of redis for caching, this
reduces the amount of bandwidth requires significantly.
This change should be backwards compatible since the redis libraries
detect whether or not compression was used and does not error in the
no compression case.
Fixes#4256
* fix: Add initial implementation for rate limiting failed logins
* Trigger test build
* Remove deprecated code and fix new project tests
* move cache related code from sessionmanager to cache access wrapper
* avoid using sleep in sessionmanager tests
* mention SECONDS in session manager environment variables to make it easier to understand meaning of each variable
* Login button should be disabled while user is waiting for login result
* prevent timing-based user enumeration attack
* reject too many failed attempts; always compute hash and introduce random delay
* remove unused constants
* fix linter errors
Co-authored-by: Alexander Matyushentsev <amatyushentsev@gmail.com>
