fix counting of login failures if both ldap and db authentication is done

Uwe Steinmann 2022-11-17 17:43:55 +01:00
parent b45bc9d57c
commit 2e4b19e4ef
4 changed files with 10 additions and 12 deletions


@ -19,6 +19,7 @@
- new hook in rest api to add more routes in extensions - new hook in rest api to add more routes in extensions
- uploaded serveral documents at once by fast upload will assign random - uploaded serveral documents at once by fast upload will assign random
sequence number to allow manually sorting the documents afterwards sequence number to allow manually sorting the documents afterwards
- fix counting of login failures if both ldap and db authentication is done
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Changes in version 5.1.27 Changes in version 5.1.27


@ -116,6 +116,15 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
/* If the user is still not authenticated, then exit with an error */ /* If the user is still not authenticated, then exit with an error */
if(!is_object($user)) { if(!is_object($user)) {
/* if counting of login failures is turned on, then increment its value */
if($settings->_loginFailure) {
$user = $dms->getUserByLogin($login);
if($user) {
$failures = $user->addLoginFailure();
if($failures >= $settings->_loginFailure)
$user->setDisabled(true);
}
}
$this->callHook('loginFailed'); $this->callHook('loginFailed');
$this->setErrorMsg("login_error_text"); $this->setErrorMsg("login_error_text");
return false; return false;
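Review bot: The added block in the `!is_object($user)` branch reassigns `$user` to the account returned by `$dms->getUserByLogin($login)`, so the variable that otherwise means "authenticated user" now holds an account that has just failed authentication. The visible code returns false shortly after, but `callHook('loginFailed')` runs in between, and any later edit that reads `$user` on this path would see a valid object. A separate name avoids that, e.g. `$failedUser = $dms->getUserByLogin($login);` followed by `if($failedUser)` and `$failedUser->addLoginFailure()`. The counter is now also incremented on every path that leaves `$user` unset, which may include backend errors such as an unreachable LDAP server rather than a wrong password. That depends on code outside the hunk and is worth confirming, since it affects how easily an account reaches `setDisabled(true)`; the enclosing method starts and ends outside the hunk.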


@ -43,12 +43,6 @@ class SeedDMS_DbAuthentication extends SeedDMS_Authentication {
// Assume that the password has been sent via HTTP POST. It would be careless // Assume that the password has been sent via HTTP POST. It would be careless
// (and dangerous) for passwords to be sent via GET. // (and dangerous) for passwords to be sent via GET.
if (!seed_pass_verify($password, $user->getPwd())) { if (!seed_pass_verify($password, $user->getPwd())) {
/* if counting of login failures is turned on, then increment its value */
if($settings->_loginFailure) {
$failures = $user->addLoginFailure();
if($failures >= $settings->_loginFailure)
$user->setDisabled(true);
}
$user = false; $user = false;
} }
} }


@ -134,12 +134,6 @@ class SeedDMS_LdapAuthentication extends SeedDMS_Authentication {
} }
} }
} elseif($user) { } elseif($user) {
$userid = $user->getID();
if($settings->_loginFailure) {
$failures = $user->addLoginFailure();
if($failures >= $settings->_loginFailure)
$user->setDisabled(true);
}
$user = false; $user = false;
} }
ldap_close($ds); ldap_close($ds);