Security app initial works for brute force protection and strong password enforcement #2
Conversation
appinfo/info.xml
Outdated
| <types> | ||
| <prelogin/> | ||
| </types> | ||
| <category>tool</category> |
appinfo/info.xml
Outdated
| <info> | ||
| <id>security</id> | ||
| <name>Security</name> | ||
| <description>OwnCloud security app. It harden ownCloud security with several new features like brute force protection, 404 detection, strong password enforcement.</description> |
| <?xml version="1.0"?> | ||
| <info> | ||
| <id>security</id> | ||
| <name>Security</name> |
There was a problem hiding this comment.
@pmaier1 we need your input on summary and description
There was a problem hiding this comment.
Basically I think for community apps it's the author's right/responsibility to provide these information. If not applicable for some reason I'm fine proposing summary and description but I would need to try the app first, of course. Just tell me!
lib/Hooks.php
Outdated
| * @param IUser $user | ||
| */ | ||
| private function postLoginCallback($user) { | ||
| $ip = \OC::$server->getRequest()->getRemoteAddress(); |
lib/Hooks.php
Outdated
| * @param Throttle $throttle | ||
| */ | ||
| private function failedLoginCallback($uid) { | ||
| $ip = \OC::$server->getRequest()->getRemoteAddress(); |
There was a problem hiding this comment.
you should inject the request object in the ctor
appinfo/info.xml
Outdated
| @@ -2,7 +2,7 @@ | |||
| <info> | |||
| <id>security</id> | |||
| <name>Security</name> | |||
| <description>OwnCloud security app. It harden ownCloud security with several new features like brute force protection, 404 detection, strong password enforcement.</description> | |||
| <description>ownCloud security app. It harden ownCloud security with several new features like brute force protection, 404 detection, strong password enforcement.</description> | |||
There was a problem hiding this comment.
ownCloud Security app. It hardens ownCloud security with several new features including brute force protection, 404 detection and strong password enforcement.
| - php: 5.6 | ||
| env: DB=mysql | ||
| - php: 7.0 | ||
| env: DB=mysql |
There was a problem hiding this comment.
please also test postgres
| <info> | ||
| <id>security</id> | ||
| <name>Security</name> | ||
| <description>ownCloud Security app. It hardens ownCloud security with several new features including brute force protection, 404 detection and strong password enforcement.</description> |
There was a problem hiding this comment.
@karakayasemi please add a summary tag as well - THX
|
Summary tag and PostgreSQL tests are added. |
|
@DeepDiver1975 please review. Thanks. |
Add Strong pass enforcement and create admin page
karakayasemi
changed the title
karakayasemi
changed the title
To detect failed login attempts loginFailed hook is used.