Add throttle page

src/main/kotlin/com/faforever/userservice/controller/OAuthController.kt

@@ -34,7 +34,9 @@ class OAuthController(
         model: Model,
     ): Mono<Rendering> {
         val loginFailed = request.queryParams.containsKey("login_failed")
+        val loginThrottled = request.queryParams.containsKey("login_throttled")
         model.addAttribute("loginFailed", loginFailed)
+        model.addAttribute("loginThrottled", loginThrottled)
         model.addAttribute("challenge", challenge)
         model.addAttribute("passwordResetUrl", fafProperties.passwordResetUrl)
         model.addAttribute("registerAccountUrl", fafProperties.registerAccountUrl)
@@ -64,7 +66,14 @@ class OAuthController(
                     when (it) {
                         is SuccessfulLogin -> redirect(response, it.redirectTo)
                         is UserBanned -> redirect(response, it.redirectTo)
-                        is LoginThrottlingActive -> redirect(response, it.redirectTo)
+                        is LoginThrottlingActive -> redirect(
+                            response,
+                            UriComponentsBuilder.fromUri(request.uri)
+                                .queryParam("login_challenge", challenge)
+                                .queryParam("login_throttled")
+                                .build()
+                                .toUriString()
+                        )
                         is UserOrCredentialsMismatch -> redirect(
                             response,
                             UriComponentsBuilder.fromUri(request.uri)

src/main/kotlin/com/faforever/userservice/domain/UserService.kt

@@ -27,7 +27,7 @@ data class SecurityProperties(
 )
 
 sealed class LoginResult {
-    data class LoginThrottlingActive(val redirectTo: String) : LoginResult()
+    object LoginThrottlingActive : LoginResult()
     object UserOrCredentialsMismatch : LoginResult()
     data class SuccessfulLogin(val redirectTo: String) : LoginResult()
     data class UserBanned(val redirectTo: String, val ban: Ban) : LoginResult()
@@ -90,8 +90,7 @@ class UserService(
     ): Mono<LoginResult> = checkLoginThrottlingRequired(ip)
         .flatMap { throttlingRequired ->
             if (throttlingRequired) {
-                hydraService.rejectLoginRequest(challenge, GenericError(HYDRA_ERROR_LOGIN_THROTTLED))
-                    .map { LoginResult.LoginThrottlingActive(it.redirectTo) }
+                Mono.just(LoginResult.LoginThrottlingActive)
             } else {
                 hydraService.getLoginRequest(challenge)
                     .flatMap { loginRequest ->

src/main/resources/i18n/messages.properties

@@ -2,6 +2,7 @@ header.loggedInAs=You are logged in as: {0}
 login.title=FAForever Login
 login.welcomeBack=Welcome back, Commander!
 login.badCredentials=Username or password was wrong
+login.throttled=Too many of your login attempts have failed. Please wait some time before trying to login again.
 login.usernameOrEmail=Username or email
 login.password=Password
 login.loginAction=Log in

src/main/resources/i18n/messages_de.properties

@@ -2,6 +2,7 @@ header.loggedInAs=Du bist eingeloggt als: {0}
 login.title=FAForever Login
 login.welcomeBack=Willkommen zurück, Commander!
 login.badCredentials=Benutzername oder Passwort falsch
+login.throttled=Zu viele deiner Login-Versuche sind fehlgeschlagen. Bitte warte einige Zeit bevor du es erneut versuchst.
 login.usernameOrEmail=Benutzername oder Email
 login.password=Passwort
 login.loginAction=Einloggen

src/main/resources/templates/login.html

@@ -31,7 +31,12 @@ <h2 id="form-header-right" th:text="#{login.welcomeBack}">Welcome back, commande
 
       <div class="error" th:if="${loginFailed}">
         <i class="fas fa-exclamation-triangle"></i>
-        <span th:text="#{login.badCredentials}">Username or password was wrong.</span>
+        <span th:text="#{login.badCredentials}">Username or password was wrong</span>
+      </div>
+
+      <div class="error" th:if="${loginThrottled}">
+        <i class="fas fa-exclamation-triangle"></i>
+        <span th:text="#{login.throttled}">Too many of your login attempts have failed. Please wait some time before trying to login again.</span>
       </div>
 
       <input type="hidden" name="login_challenge" th:value="${challenge}" th:if="${challenge != null }"/>

src/test/kotlin/com/faforever/userservice/UserServiceApplicationTests.kt

@@ -162,7 +162,7 @@ class UserServiceApplicationTests {
             .exchange()
             .expectStatus().is3xxRedirection()
             .expectHeader()
-            .location(hydraRedirectUrl)
+            .location("/login?login_challenge=someChallenge&login_challenge=someChallenge&login_throttled")
             .expectBody(String::class.java)
 
         verify(loginLogRepository).findFailedAttemptsByIp(anyString())