mirror of
https://github.com/jellyfin/jellyfin.git
synced 2024-07-05 21:33:02 +02:00
Reset invalid login counter on successfull login
This commit is contained in:
parent
2919cf28ea
commit
221b831bb2
|
@ -353,11 +353,11 @@ namespace Emby.Server.Implementations.Library
|
||||||
UpdateUser(user);
|
UpdateUser(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
UpdateInvalidLoginAttemptCount(user, 0);
|
ResetInvalidLoginAttemptCount(user);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
UpdateInvalidLoginAttemptCount(user, user.Policy.InvalidLoginAttemptCount + 1);
|
IncrementInvalidLoginAttemptCount(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
_logger.LogInformation("Authentication request for {0} {1}.", user.Name, success ? "has succeeded" : "has been denied");
|
_logger.LogInformation("Authentication request for {0} {1}.", user.Name, success ? "has succeeded" : "has been denied");
|
||||||
|
@ -509,41 +509,28 @@ namespace Emby.Server.Implementations.Library
|
||||||
: PasswordHash.ConvertToByteString(new PasswordHash(user.EasyPassword).Hash);
|
: PasswordHash.ConvertToByteString(new PasswordHash(user.EasyPassword).Hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void UpdateInvalidLoginAttemptCount(User user, int newValue)
|
private void ResetInvalidLoginAttemptCount(User user)
|
||||||
{
|
{
|
||||||
if (user.Policy.InvalidLoginAttemptCount == newValue || newValue <= 0)
|
user.Policy.InvalidLoginAttemptCount = 0;
|
||||||
|
UpdateUserPolicy(user, user.Policy, false);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void IncrementInvalidLoginAttemptCount(User user)
|
||||||
|
{
|
||||||
|
int invalidLogins = ++user.Policy.InvalidLoginAttemptCount;
|
||||||
|
int maxInvalidLogins = user.Policy.LoginAttemptsBeforeLockout;
|
||||||
|
if (maxInvalidLogins > 0
|
||||||
|
&& invalidLogins >= maxInvalidLogins)
|
||||||
{
|
{
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
user.Policy.InvalidLoginAttemptCount = newValue;
|
|
||||||
|
|
||||||
// Check for users without a value here and then fill in the default value
|
|
||||||
// also protect from an always lockout if misconfigured
|
|
||||||
if (user.Policy.LoginAttemptsBeforeLockout == null || user.Policy.LoginAttemptsBeforeLockout == 0)
|
|
||||||
{
|
|
||||||
user.Policy.LoginAttemptsBeforeLockout = user.Policy.IsAdministrator ? 5 : 3;
|
|
||||||
}
|
|
||||||
|
|
||||||
var maxCount = user.Policy.LoginAttemptsBeforeLockout;
|
|
||||||
|
|
||||||
var fireLockout = false;
|
|
||||||
|
|
||||||
// -1 can be used to specify no lockout value
|
|
||||||
if (maxCount != -1 && newValue >= maxCount)
|
|
||||||
{
|
|
||||||
_logger.LogDebug("Disabling user {0} due to {1} unsuccessful login attempts.", user.Name, newValue);
|
|
||||||
user.Policy.IsDisabled = true;
|
user.Policy.IsDisabled = true;
|
||||||
|
UserLockedOut?.Invoke(this, new GenericEventArgs<User>(user));
|
||||||
fireLockout = true;
|
_logger.LogWarning(
|
||||||
|
"Disabling user {UserName} due to {Attempts} unsuccessful login attempts.",
|
||||||
|
user.Name,
|
||||||
|
invalidLogins);
|
||||||
}
|
}
|
||||||
|
|
||||||
UpdateUserPolicy(user, user.Policy, false);
|
UpdateUserPolicy(user, user.Policy, false);
|
||||||
|
|
||||||
if (fireLockout)
|
|
||||||
{
|
|
||||||
UserLockedOut?.Invoke(this, new GenericEventArgs<User>(user));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
|
|
@ -66,7 +66,7 @@ namespace MediaBrowser.Model.Users
|
||||||
public bool EnableAllFolders { get; set; }
|
public bool EnableAllFolders { get; set; }
|
||||||
|
|
||||||
public int InvalidLoginAttemptCount { get; set; }
|
public int InvalidLoginAttemptCount { get; set; }
|
||||||
public int? LoginAttemptsBeforeLockout { get; set; }
|
public int LoginAttemptsBeforeLockout { get; set; }
|
||||||
|
|
||||||
public bool EnablePublicSharing { get; set; }
|
public bool EnablePublicSharing { get; set; }
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue