Added login failed support.

This commit is contained in:
Martin Edenhofer 2013-02-12 23:49:52 +01:00
parent f8e8f6dc74
commit 1644654972
3 changed files with 10 additions and 13 deletions

View file

@ -85,9 +85,6 @@ class ApplicationController < ActionController::Base
# return auth ok
if message == ''
# remember last login
userdata.update_last_login
# set basic auth user to current user
current_user_set(userdata)
return {

View file

@ -15,9 +15,6 @@ class SessionsController < ApplicationController
return
end
# remember last login date
user.update_last_login()
# auto population of default collections
default_collection = SessionHelper::default_collections(user)
@ -125,7 +122,7 @@ class SessionsController < ApplicationController
end
# remember last login date
authorization.user.update_last_login()
authorization.user.update_last_login
# Log the authorizing user in.
session[:user_id] = authorization.user.id

View file

@ -51,8 +51,9 @@ class User < ApplicationModel
end
# check failed logins
if user
# return if user.faild_login > 10
max_login_failed = Setting.get('password_max_login_failed') || 10
if user && user.login_failed > max_login_failed
return false
end
# use auth backends
@ -80,18 +81,20 @@ class User < ApplicationModel
# auth ok
if user_auth
# update last login
# remember last login date
user.update_last_login
# reset login failed
user.login_failed = 0
user.save
return user_auth
end
}
# set login failed +1
user.login_failed = user.login_failed + 1
user.save
# auth failed
sleep 1