Skip to content

Commit

Permalink
closes #6037
Browse files Browse the repository at this point in the history
  • Loading branch information
@barisusakli
barisusakli committed Nov 17, 2017
1 parent ea3fde3 commit 2065f89
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 4 deletions.
2 changes: 2 additions & 0 deletions public/language/en-GB/admin/settings/user.json
View file
Expand Up @@ -19,6 +19,8 @@
"themes": "Themes",
"disable-user-skins": "Prevent users from choosing a custom skin",
"account-protection": "Account Protection",
"admin-relogin-duration": "Admin relogin duration (minutes)",
"admin-relogin-duration-help": "After a set amount of time accessing the admin section will require re-login, set to 0 to disable",
"login-attempts": "Login attempts per hour",
"login-attempts-help": "If login attempts to a user's account exceeds this threshold, that account will be locked for a pre-configured amount of time",
"lockout-duration": "Account Lockout Duration (minutes)",
Expand Down
10 changes: 6 additions & 4 deletions src/middleware/user.js
View file
Expand Up @@ -173,10 +173,12 @@ module.exports = function (middleware) {
}

var loginTime = req.session.meta ? req.session.meta.datetime : 0;
if (loginTime && parseInt(loginTime, 10) > Date.now() - 3600000) {
var timeLeft = parseInt(loginTime, 10) - (Date.now() - 3600000);
if (timeLeft < 300000) {
req.session.meta.datetime += 300000;
var adminReloginDuration = (meta.config.adminReloginDuration || 60) * 60000;
var disabled = parseInt(meta.config.adminReloginDuration, 10) === 0;
if (disabled || (loginTime && parseInt(loginTime, 10) > Date.now() - adminReloginDuration)) {
var timeLeft = parseInt(loginTime, 10) - (Date.now() - adminReloginDuration);
if (timeLeft < Math.min(300000, adminReloginDuration)) {
req.session.meta.datetime += Math.min(300000, adminReloginDuration);
}

return next();
Expand Down
7 changes: 7 additions & 0 deletions src/views/admin/settings/user.tpl
View file
Expand Up @@ -105,6 +105,13 @@
<div class="col-sm-2 col-xs-12 settings-header">[[admin/settings/user:account-protection]]</div>
<div class="col-sm-10 col-xs-12">
<form>
<div class="form-group">
<label for="adminReloginDuration">[[admin/settings/user:admin-relogin-duration]]</label>
<input id="adminReloginDuration" type="text" class="form-control" data-field="adminReloginDuration" placeholder="60" />
<p class="help-block">
[[admin/settings/user:admin-relogin-duration-help]]
</p>
</div>
<div class="form-group">
<label for="loginAttempts">[[admin/settings/user:login-attempts]]</label>
<input id="loginAttempts" type="text" class="form-control" data-field="loginAttempts" placeholder="5" />
Expand Down

0 comments on commit 2065f89

Please sign in to comment.