mirror of
https://git.code.sf.net/p/seeddms/code
synced 2026-05-08 13:31:24 +00:00
disable login for an increasing amount of time if credentials are wrong
parent
f291608772
commit
d4f9b1e500
|
|
@ -58,6 +58,12 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
|
|||
return false;
|
||||
}
|
||||
|
||||
// Check if account is temporarily disabled
|
||||
if($settings->_loginDelay && $user->getDisabledUntil() > date('Y-m-d H:i:s')) {
|
||||
$this->setErrorMsg("login_disabled_until_text");
|
||||
return false;
|
||||
}
|
||||
|
||||
// control admin IP address if required
|
||||
if ($user->isAdmin() && ($_SERVER['REMOTE_ADDR'] != $settings->_adminIP ) && ( $settings->_adminIP != "") ){
|
||||
$this->setErrorMsg("invalid_user_id");
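Review bot: The new branch answers with its own message, `login_disabled_until_text`, so the login response now depends on the account's state, whereas the admin-IP branch right below it deliberately returns the generic `invalid_user_id`. The hunk starts after an earlier `return false;` and the enclosing method begins outside it, so it is not visible whether the password has already been verified at this point; if it has, a correct password entered during the delay gets a different answer than a wrong one, and the delay no longer slows down guessing. The check should run before any credential verification, and a comment such as `// must run before the password check so the reply does not depend on the password` would pin that ordering. The comparison `$user->getDisabledUntil() > date('Y-m-d H:i:s')` is a string comparison and is only correct if the stored value uses exactly that format and the same time zone as PHP; comparing timestamps, e.g. `strtotime($user->getDisabledUntil()) > time()` guarded for an empty value, would be less fragile.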
|
||||
|
|
|
|||
|
|
@ -72,6 +72,8 @@ class Settings { /* {{{ */
|
|||
var $_allowUnsecurePassword = false;
|
||||
// Number of failed logins before account is disabled
|
||||
var $_loginFailure = 0;
|
||||
// increase the login delay between logins after each failed login
|
||||
var $_loginDelay = false;
|
||||
// User id that is automatically logged if nobody is logged in
|
||||
var $_autoLoginUser = 0;
|
||||
// maximum amount of bytes a user may consume, 0 = unlimited
|
||||
|
|
@ -754,6 +756,7 @@ class Settings { /* {{{ */
|
|||
$this->_passwordHistory = intval($tab["passwordHistory"]);
|
||||
$this->_allowUnsecurePassword = Settings::boolVal($tab["allowUnsecurePassword"]);
|
||||
$this->_loginFailure = intval($tab["loginFailure"]);
|
||||
$this->_loginDelay = Settings::boolVal($tab["loginDelay"]);
|
||||
$this->_autoLoginUser = intval($tab["autoLoginUser"]);
|
||||
$this->_quota = intval($tab["quota"]);
|
||||
if(trim(strval($tab["undelUserIds"])))
|
||||
|
|
@ -1184,6 +1187,7 @@ class Settings { /* {{{ */
|
|||
$this->setXMLAttributValue($node, "passwordHistory", $this->_passwordHistory);
|
||||
$this->setXMLAttributValue($node, "allowUnsecurePassword", $this->_allowUnsecurePassword);
|
||||
$this->setXMLAttributValue($node, "loginFailure", $this->_loginFailure);
|
||||
$this->setXMLAttributValue($node, "loginDelay", $this->_loginDelay);
|
||||
$this->setXMLAttributValue($node, "autoLoginUser", $this->_autoLoginUser);
|
||||
$this->setXMLAttributValue($node, "quota", $this->_quota);
|
||||
$this->setXMLAttributValue($node, "undelUserIds", implode(',', $this->_undelUserIds));
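Review bot: The comment on `$_loginDelay` does not say that it is an on/off switch, that it defaults to off, or how it relates to `$_loginFailure` directly above it. I would document it as `// if true, logins are refused while the user's disabledUntil time lies in the future (checked in the login controller); off by default` and add a line stating how it interacts with `$_loginFailure`, which the visible hunks do not show. In the load hunk, `$tab["loginDelay"]` is read without checking that the attribute exists, which settings files saved before this change presumably lack; the neighbouring lines follow the same pattern, so this may be handled elsewhere, but it is worth confirming that an upgrade raises no notice and that administrators are told the delay stays disabled until they enable it.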
|
||||
|
|
|
|||
|
|
@ -215,6 +215,7 @@ if ($action == "saveSettings")
|
|||
setIntValue("passwordHistory");
|
||||
setBoolValue("allowUnsecurePassword");
|
||||
setIntValue("loginFailure");
|
||||
setBoolValue("loginDelay");
|
||||
setIntValue("autoLoginUser");
|
||||
setIntValue("quota");
|
||||
setArrayValue("undelUserIds");
|
||||
|
|
|
|||
|
|
@ -787,6 +787,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk))
|
|||
<?php $this->showConfigCheckbox('settings_allowUnsecurePassword', 'allowUnsecurePassword'); ?>
|
||||
<?php $this->showConfigText('settings_loginFailure', 'loginFailure'); ?>
|
||||
<?php $this->showConfigUser('settings_autoLoginUser', 'autoLoginUser', true); ?>
|
||||
<?php $this->showConfigCheckbox('settings_loginDelay', 'loginDelay'); ?>
|
||||
<?php $this->showConfigText('settings_quota', 'quota'); ?>
|
||||
<?php $this->showConfigUser('settings_undelUserIds', 'undelUserIds', true, true); ?>
|
||||
<?php $this->showConfigText('settings_encryptionKey', 'encryptionKey', 'password'); ?>
|
||||
|
|
|
|||