Added login failed support.

2013-02-12 23:49:52 +01:00 · 2013-02-12 23:49:52 +01:00 · 1644654972
commit 1644654972
parent f8e8f6dc74
3 changed files with 10 additions and 13 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -85,9 +85,6 @@ class ApplicationController < ActionController::Base
      # return auth ok
      if message == ''

-        # remember last login
-        userdata.update_last_login
-
        # set basic auth user to current user
        current_user_set(userdata)
        return {
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -15,9 +15,6 @@ class SessionsController < ApplicationController
      return
    end

-    # remember last login date
-    user.update_last_login()
-
    # auto population of default collections
    default_collection = SessionHelper::default_collections(user)

@ -125,7 +122,7 @@ class SessionsController < ApplicationController
    end

    # remember last login date
-    authorization.user.update_last_login()
+    authorization.user.update_last_login

    # Log the authorizing user in.
    session[:user_id] = authorization.user.id
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -51,8 +51,9 @@ class User < ApplicationModel
    end

    # check failed logins
-    if user
-#      return if user.faild_login > 10
+    max_login_failed = Setting.get('password_max_login_failed') || 10
+    if user && user.login_failed > max_login_failed
+      return false
    end

    # use auth backends
@ -80,18 +81,20 @@ class User < ApplicationModel
      # auth ok
      if user_auth

-        # update last login
-        
+        # remember last login date
+        user.update_last_login

        # reset login failed
-
+        user.login_failed = 0
+        user.save

        return user_auth
      end
    }

    # set login failed +1
-
+    user.login_failed = user.login_failed + 1
+    user.save

    # auth failed
    sleep 1