@@ -1,3 +1,7 @@ +== 1.4.3 released 2009-2-22 + +* Fixed issue with brute force protection. + == 1.4.2 released 2009-2-20 * Cleaned up callbacks system to use hooks and execute in the proper order. CHANGELOG.rdoc @@ -33,7 +33,7 @@ module Authlogic # login_blank: can not be blank # login_not_found: does not exist # login_invalid: should use only letters, numbers, spaces, and .-_@ please. - # consecutive_failed_logins_limit_exceeded: Consecutive failed logins limit exceeded. + # consecutive_failed_logins_limit_exceeded: Consecutive failed logins limit exceeded, account is disabled. # email_invalid: should look like an email address. # password_blank: can not be blank # password_invalid: is not valid lib/authlogic/i18n.rb @@ -39,7 +39,7 @@ module Authlogic def validate_failed_logins if attempted_record.failed_login_count && attempted_record.failed_login_count >= consecutive_failed_logins_limit errors.clear # Clear all other error messages, as they are irrelevant at this point and can only provide additional information that is not needed - errors.add_to_base(I18n.t('error_messages.consecutive_failed_logins_limit_exceeded', :default => "Consecutive failed logins limit exceeded.")) + errors.add_to_base(I18n.t('error_messages.consecutive_failed_logins_limit_exceeded', :default => "Consecutive failed logins limit exceeded, account is disabled.")) end end lib/authlogic/session/brute_force_protection.rb @@ -44,7 +44,7 @@ module Authlogic # :nodoc: MAJOR = 1 MINOR = 4 - TINY = 2 + TINY = 3 # The current version as a Version instance CURRENT = new(MAJOR, MINOR, TINY) lib/authlogic/version.rb @@ -35,7 +35,7 @@ module SessionTests UserSession.consecutive_failed_logins_limit = 50 end - def test_resetting_failed_logins_limit + def test_resetting_failed_logins_count ben = users(:ben) 2.times do |i| test/session_tests/brute_force_protection_test.rb ed1af28b8b4bdbdc36c4cee4e94659f019eaded7 binarylogic bjohnson@binarylogic.com http://github.com/binarylogic/authlogic/commit/21e3de7b777ce67b5b5935139f9ad616ae79158e 21e3de7b777ce67b5b5935139f9ad616ae79158e 2009-02-22T15:49:38-08:00 2009-02-22T15:49:38-08:00 Release v1.4.3 (small release) 34548a5857d54adf3bc294c490a2b149b9a11fdc binarylogic bjohnson@binarylogic.com