New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update lock account to include expiration #863

Closed
nynymike opened this Issue Aug 1, 2018 · 5 comments

Comments

Projects
None yet
4 participants
@nynymike
Contributor

nynymike commented Aug 1, 2018

We should update this script to include a configurable lock time, for example 3 minutes by default.
https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/basic.lock.account

The script should check to see if the account is locked, and if there is a lock, when it expires. The lock can be written to the cache:

@nynymike nynymike added the enhancement label Aug 1, 2018

@nynymike nynymike added this to the 3.1.4 milestone Aug 1, 2018

@natt-tester

This comment has been minimized.

natt-tester commented Aug 27, 2018

@sahiliamsso, please also take a look at #877.

@yurem

This comment has been minimized.

Contributor

yurem commented Aug 28, 2018

@sahiliamsso

Here is bean and sample which you can use for implementation:

from import org.xdi.service import CacheService

...

        cacheService= CdiUtil.bean(CacheService)

	object_to_store = "{'locked': true}"
	# First param is how long keep object in cache, second one is key, last one is any object to store
        cacheService.put(60, "user_lock_xyz", object_to_store);


        object_from_store = cacheService.get(null, "user_lock_xyz");
	if object_from_store != None:
		# User is still locked

sahiliamsso added a commit that referenced this issue Sep 2, 2018

@sahiliamsso

This comment has been minimized.

Contributor

sahiliamsso commented Sep 2, 2018

@natt-tester - Please validate.

@sahiliamsso sahiliamsso closed this Sep 2, 2018

@yurem

This comment has been minimized.

Contributor

yurem commented Sep 7, 2018

Can we use "lock_user_" + user_name key? This should help to avoid collisions in future

@yurem yurem reopened this Sep 7, 2018

sahiliamsso added a commit that referenced this issue Sep 13, 2018

Update BasicLockAccountExternalAuthenticator.py
Updated "lock_user_" + user_name key @GluuFederation/oxAuth/issues/863
@sahiliamsso

This comment has been minimized.

Contributor

sahiliamsso commented Sep 13, 2018

Done, Please check.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment