mirror of
https://github.com/jellyfin/jellyfin.git
synced 2024-07-08 23:00:51 +02:00
configurable user lockout
This commit is contained in:
parent
221389089c
commit
1ee016c997
|
@ -219,7 +219,7 @@ namespace Emby.Server.Implementations.Library
|
||||||
//This is some regex that matches only on unicode "word" characters, as well as -, _ and @
|
//This is some regex that matches only on unicode "word" characters, as well as -, _ and @
|
||||||
//In theory this will cut out most if not all 'control' characters which should help minimize any weirdness
|
//In theory this will cut out most if not all 'control' characters which should help minimize any weirdness
|
||||||
// Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), dashes (-), underscores (_), apostrophes ('), and periods (.)
|
// Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), dashes (-), underscores (_), apostrophes ('), and periods (.)
|
||||||
return Regex.IsMatch(username, "^[\\w-'._@]*$");
|
return Regex.IsMatch(username, @"^[\w-'._@]*$");
|
||||||
}
|
}
|
||||||
|
|
||||||
private static bool IsValidUsernameCharacter(char i)
|
private static bool IsValidUsernameCharacter(char i)
|
||||||
|
@ -448,11 +448,19 @@ namespace Emby.Server.Implementations.Library
|
||||||
|
|
||||||
user.Policy.InvalidLoginAttemptCount = newValue;
|
user.Policy.InvalidLoginAttemptCount = newValue;
|
||||||
|
|
||||||
var maxCount = user.Policy.IsAdministrator ? 3 : 5;
|
// Check for users without a value here and then fill in the default value
|
||||||
|
// also protect from an always lockout if misconfigured
|
||||||
|
if (user.Policy.LoginAttemptsBeforeLockout == null || user.Policy.LoginAttemptsBeforeLockout == 0)
|
||||||
|
{
|
||||||
|
user.Policy.LoginAttemptsBeforeLockout = user.Policy.IsAdministrator ? 5 : 3;
|
||||||
|
}
|
||||||
|
|
||||||
|
var maxCount = user.Policy.LoginAttemptsBeforeLockout;
|
||||||
|
|
||||||
var fireLockout = false;
|
var fireLockout = false;
|
||||||
|
|
||||||
if (newValue >= maxCount)
|
// -1 can be used to specify no lockout value
|
||||||
|
if (maxCount != -1 && newValue >= maxCount)
|
||||||
{
|
{
|
||||||
_logger.LogDebug("Disabling user {0} due to {1} unsuccessful login attempts.", user.Name, newValue);
|
_logger.LogDebug("Disabling user {0} due to {1} unsuccessful login attempts.", user.Name, newValue);
|
||||||
user.Policy.IsDisabled = true;
|
user.Policy.IsDisabled = true;
|
||||||
|
|
|
@ -66,6 +66,7 @@ namespace MediaBrowser.Model.Users
|
||||||
public bool EnableAllFolders { get; set; }
|
public bool EnableAllFolders { get; set; }
|
||||||
|
|
||||||
public int InvalidLoginAttemptCount { get; set; }
|
public int InvalidLoginAttemptCount { get; set; }
|
||||||
|
public int? LoginAttemptsBeforeLockout { get; set; }
|
||||||
|
|
||||||
public bool EnablePublicSharing { get; set; }
|
public bool EnablePublicSharing { get; set; }
|
||||||
|
|
||||||
|
@ -104,6 +105,8 @@ namespace MediaBrowser.Model.Users
|
||||||
|
|
||||||
AccessSchedules = Array.Empty<AccessSchedule>();
|
AccessSchedules = Array.Empty<AccessSchedule>();
|
||||||
|
|
||||||
|
LoginAttemptsBeforeLockout = -1;
|
||||||
|
|
||||||
EnableAllChannels = true;
|
EnableAllChannels = true;
|
||||||
EnabledChannels = Array.Empty<string>();
|
EnabledChannels = Array.Empty<string>();
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue