Security app initial works for brute force protection and strong password enforcement #2
Conversation
appinfo/info.xml
Outdated
<types> | ||
<prelogin/> | ||
</types> | ||
<category>tool</category> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
security
appinfo/info.xml
Outdated
<info> | ||
<id>security</id> | ||
<name>Security</name> | ||
<description>OwnCloud security app. It harden ownCloud security with several new features like brute force protection, 404 detection, strong password enforcement.</description> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
O -> o
<?xml version="1.0"?> | ||
<info> | ||
<id>security</id> | ||
<name>Security</name> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@pmaier1 we need your input on summary and description
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Basically I think for community apps it's the author's right/responsibility to provide these information. If not applicable for some reason I'm fine proposing summary and description but I would need to try the app first, of course. Just tell me!
lib/Hooks.php
Outdated
* @param IUser $user | ||
*/ | ||
private function postLoginCallback($user) { | ||
$ip = \OC::$server->getRequest()->getRemoteAddress(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
indent
lib/Hooks.php
Outdated
* @param Throttle $throttle | ||
*/ | ||
private function failedLoginCallback($uid) { | ||
$ip = \OC::$server->getRequest()->getRemoteAddress(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you should inject the request object in the ctor
appinfo/info.xml
Outdated
@@ -2,7 +2,7 @@ | |||
<info> | |||
<id>security</id> | |||
<name>Security</name> | |||
<description>OwnCloud security app. It harden ownCloud security with several new features like brute force protection, 404 detection, strong password enforcement.</description> | |||
<description>ownCloud security app. It harden ownCloud security with several new features like brute force protection, 404 detection, strong password enforcement.</description> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ownCloud Security app. It hardens ownCloud security with several new features including brute force protection, 404 detection and strong password enforcement.
- php: 5.6 | ||
env: DB=mysql | ||
- php: 7.0 | ||
env: DB=mysql |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please also test postgres
<info> | ||
<id>security</id> | ||
<name>Security</name> | ||
<description>ownCloud Security app. It hardens ownCloud security with several new features including brute force protection, 404 detection and strong password enforcement.</description> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@karakayasemi please add a summary tag as well - THX
Summary tag and PostgreSQL tests are added. |
@DeepDiver1975 please review. Thanks. |
Add Strong pass enforcement and create admin page
To detect failed login attempts loginFailed hook is used.