Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[NEW] Add ability to block failed login attempts by user and IP #17783

Merged
merged 14 commits into from
Jun 20, 2020

Conversation

MarcosSpessatto
Copy link
Member

@MarcosSpessatto MarcosSpessatto commented May 29, 2020

Proposed changes

This PR provides the admin the ability to block failed attempts by IP or/and user.

Issue(s)

Closes #2737
Closes #2885
Closes #13387

How to test or reproduce

Screenshots

Types of changes

  • Bugfix (non-breaking change which fixes an issue)
  • Improvement (non-breaking change which improves a current function)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Hotfix (a major bugfix that has to be merged asap)
  • Documentation Update (if none of the other choices apply)

Checklist

  • I have read the CONTRIBUTING doc
  • I have signed the CLA
  • Lint and unit tests pass locally with my changes
  • I have added tests that prove my fix is effective or that my feature works (if applicable)
  • I have added necessary documentation (if applicable)
  • Any dependent changes have been merged and published in downstream modules

Changelog

Further comments

@rodrigok
Copy link
Member

Should incorporate the log on logs from here #13387

@rodrigok
Copy link
Member

Need to review the GDPR compliance here

@MarcosSpessatto MarcosSpessatto requested a review from rodrigok June 1, 2020 18:15
app/ui-login/client/login/form.js Outdated Show resolved Hide resolved
app/utils/lib/date.helper.ts Outdated Show resolved Hide resolved
app/authentication/server/startup/settings.ts Outdated Show resolved Hide resolved
app/models/server/definition/IServerEventsRepository.ts Outdated Show resolved Hide resolved
app/models/server/models/ServerEvents.ts Outdated Show resolved Hide resolved
app/models/server/raw/ServerEvents.ts Outdated Show resolved Hide resolved
app/models/server/raw/ServerEvents.ts Outdated Show resolved Hide resolved
app/models/server/raw/Sessions.js Show resolved Hide resolved
app/models/server/raw/index.ts Outdated Show resolved Hide resolved
definition/IServerEvent.ts Outdated Show resolved Hide resolved
app/models/server/raw/Sessions.js Show resolved Hide resolved
app/models/server/raw/ServerEvents.ts Show resolved Hide resolved
app/models/server/raw/ServerEvents.ts Show resolved Hide resolved
app/models/server/models/ServerEvents.ts Outdated Show resolved Hide resolved
app/utils/lib/date.helper.ts Outdated Show resolved Hide resolved
app/authentication/server/startup/index.js Outdated Show resolved Hide resolved
app/authentication/server/startup/index.js Outdated Show resolved Hide resolved
app/authentication/server/startup/settings.ts Outdated Show resolved Hide resolved
app/authentication/server/startup/settings.ts Outdated Show resolved Hide resolved
@rodrigok rodrigok self-assigned this Jun 20, 2020
@rodrigok rodrigok merged commit 0aada15 into develop Jun 20, 2020
@rodrigok rodrigok deleted the feat/block-failed-login-attempts branch June 20, 2020 18:54
@sampaiodiego sampaiodiego mentioned this pull request Jun 30, 2020
@Nowa-Ammerlaan
Copy link

Nowa-Ammerlaan commented Apr 10, 2021

Enabling the username based login-failure block effectively prevents new users from registering: #21523

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Store users IPs and ability to ban IPs Limit Number of Failed Login Attempts
4 participants