martin/databag
1
0
Fork 0
mirror of https://github.com/balzack/databag.git synced 2025-02-14 12:39:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

apply temporary lock only when mfa enabled

Browse Source
This commit is contained in:
Roland Osborne 2024-05-22 15:52:19 -07:00
parent 0001f6c8c9
commit df8d2806e6
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
net/server/internal/api_setAdminAccess.go
View File

@ -26,14 +26,14 @@ func SetAdminAccess(w http.ResponseWriter, r *http.Request) {
curTime := time.Now().Unix() curTime := time.Now().Unix()
failedTime := getNumConfigValue(CNFMFAFailedTime, 0); failedTime := getNumConfigValue(CNFMFAFailedTime, 0);
failedCount := getNumConfigValue(CNFMFAFailedCount, 0); failedCount := getNumConfigValue(CNFMFAFailedCount, 0);
if failedTime + APPMFAFailPeriod > curTime && failedCount > APPMFAFailCount {
ErrResponse(w, http.StatusTooManyRequests, errors.New("temporarily locked"))
return;
}
mfaEnabled := getBoolConfigValue(CNFMFAEnabled, false); mfaEnabled := getBoolConfigValue(CNFMFAEnabled, false);
mfaConfirmed := getBoolConfigValue(CNFMFAConfirmed, false); mfaConfirmed := getBoolConfigValue(CNFMFAConfirmed, false);
if mfaEnabled && mfaConfirmed { if mfaEnabled && mfaConfirmed {
if failedTime + APPMFAFailPeriod > curTime && failedCount > APPMFAFailCount {
ErrResponse(w, http.StatusTooManyRequests, errors.New("temporarily locked"))
return;
}
code := r.FormValue("code") code := r.FormValue("code")
if code == "" { if code == "" {
ErrResponse(w, http.StatusMethodNotAllowed, errors.New("totp code required")) ErrResponse(w, http.StatusMethodNotAllowed, errors.New("totp code required"))