ari/arimelody.me
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: ari:82a4cde8c9374d046a5440c11879e1e12a50c780
Branches Tags
ari:main
ari:dev
ari:feature/blog
ari:feature/live-indicator
ari:feature/tests
ari:feature/cursor
ari:feature/auditlogs
ari:feature/accountsettings
ari:feature/totp
..
compare: ari:bc90015a33a50b31533d1b9815680d7672a21cda
Branches Tags
ari:dev
ari:main
ari:feature/blog
ari:feature/live-indicator
ari:feature/tests
ari:feature/cursor
ari:feature/auditlogs
ari:feature/accountsettings
ari:feature/totp

No commits in common. "82a4cde8c9374d046a5440c11879e1e12a50c780" and "bc90015a33a50b31533d1b9815680d7672a21cda" have entirely different histories.
82a4cde8c9 ... bc90015a33

1 changed files with 4 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

9
admin/http.go
View file

@ -283,7 +283,7 @@ func loginHandler(app *model.AppState) http.Handler {
err = bcrypt.CompareHashAndPassword([]byte(account.Password), []byte(password))
if err != nil {
app.Log.Warn(log.TYPE_ACCOUNT, "\"%s\" attempted login with incorrect password. (%s)", account.Username, controller.ResolveIP(app, r))
if locked := handleFailedLogin(app, account, r); locked {
if locked := handleFailedLogin(app, account); locked {
controller.SetSessionError(app.DB, session, "Too many failed attempts. This account is now locked.")
} else {
controller.SetSessionError(app.DB, session, "Invalid username or password.")
@ -389,7 +389,7 @@ func loginTOTPHandler(app *model.AppState) http.Handler {
}
if totpMethod == nil {
app.Log.Warn(log.TYPE_ACCOUNT, "\"%s\" failed login (Incorrect TOTP). (%s)", session.AttemptAccount.Username, controller.ResolveIP(app, r))
if locked := handleFailedLogin(app, session.AttemptAccount, r); locked {
if locked := handleFailedLogin(app, session.AttemptAccount); locked {
controller.SetSessionError(app.DB, session, "Too many failed attempts. This account is now locked.")
controller.SetSessionAttemptAccount(app.DB, session, nil)
http.Redirect(w, r, "/admin", http.StatusFound)
@ -514,7 +514,7 @@ func enforceSession(app *model.AppState, next http.Handler) http.Handler {
})
}
func handleFailedLogin(app *model.AppState, account *model.Account, r *http.Request) bool {
func handleFailedLogin(app *model.AppState, account *model.Account) bool {
locked, err := controller.IncrementAccountFails(app.DB, account.ID)
if err != nil {
fmt.Fprintf(
@ -532,10 +532,9 @@ func handleFailedLogin(app *model.AppState, account *model.Account, r *http.Requ
if locked {
app.Log.Warn(
log.TYPE_ACCOUNT,
"Account \"%s\" was locked: %d failed login attempts (IP: %s)",
"Account \"%s\" was locked: %d failed login attempts",
account.Username,
model.MAX_LOGIN_FAIL_ATTEMPTS,
controller.ResolveIP(app, r),
)
}
return locked