forked from grafana/grafana
-
Notifications
You must be signed in to change notification settings - Fork 0
/
brute_force_login_protection.go
48 lines (37 loc) · 997 Bytes
/
brute_force_login_protection.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
package login
import (
"time"
"github.com/grafana/grafana/pkg/bus"
m "github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/setting"
)
var (
maxInvalidLoginAttempts int64 = 5
loginAttemptsWindow time.Duration = time.Minute * 5
)
var validateLoginAttempts = func(username string) error {
if setting.DisableBruteForceLoginProtection {
return nil
}
loginAttemptCountQuery := m.GetUserLoginAttemptCountQuery{
Username: username,
Since: time.Now().Add(-loginAttemptsWindow),
}
if err := bus.Dispatch(&loginAttemptCountQuery); err != nil {
return err
}
if loginAttemptCountQuery.Result >= maxInvalidLoginAttempts {
return ErrTooManyLoginAttempts
}
return nil
}
var saveInvalidLoginAttempt = func(query *m.LoginUserQuery) {
if setting.DisableBruteForceLoginProtection {
return
}
loginAttemptCommand := m.CreateLoginAttemptCommand{
Username: query.Username,
IpAddress: query.IpAddress,
}
bus.Dispatch(&loginAttemptCommand)
}