llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 04:10:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add the FailedSigninLimit and FailedSigninfrozenTime configuration options to the application (#2552)

Browse Source 
Add configuration items to the application to limit the number of logins and the login wait time after the maximum number of errors is reached
feat: #2272

fix: fixed the issue where the token parameter could be set to a negative value
This commit is contained in:
HGZ-20
2023-12-20 22:29:53 +08:00
committed by GitHub
parent f8905ae64c
commit 5499e62d7f
30 changed files with 185 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
object/check.go
View File

@ -28,8 +28,9 @@ import (
)
const (
SigninWrongTimesLimit = 5
LastSignWrongTimeDuration = time.Minute * 15
DefaultFailedSigninLimit = 5
// DefaultFailedSigninfrozenTime The unit of frozen time is minutes
DefaultFailedSigninfrozenTime = 15
)
func CheckUserSignup(application *Application, organization *Organization, form *form.AuthForm, lang string) string {
@ -143,10 +144,15 @@ func CheckUserSignup(application *Application, organization *Organization, form
}
func checkSigninErrorTimes(user *User, lang string) error {
if user.SigninWrongTimes >= SigninWrongTimesLimit {
failedSigninLimit, failedSigninfrozenTime, err := GetFailedSigninConfigByUser(user)
if err != nil {
return err
}
if user.SigninWrongTimes >= failedSigninLimit {
lastSignWrongTime, _ := time.Parse(time.RFC3339, user.LastSigninWrongTime)
passedTime := time.Now().UTC().Sub(lastSignWrongTime)
minutes := int(LastSignWrongTimeDuration.Minutes() - passedTime.Minutes())
minutes := failedSigninfrozenTime - int(passedTime.Minutes())
// deny the login if the error times is greater than the limit and the last login time is less than the duration
if minutes > 0 {
@ -479,7 +485,14 @@ func CheckToEnableCaptcha(application *Application, organization, username strin
if err != nil {
return false, err
}
return user != nil && user.SigninWrongTimes >= SigninWrongTimesLimit, nil
var failedSigninLimit int
if application.FailedSigninLimit == 0 {
failedSigninLimit = 5
} else {
failedSigninLimit = application.FailedSigninLimit
}
return user != nil && user.SigninWrongTimes >= failedSigninLimit, nil
}
return providerItem.Rule == "Always", nil
}