File tree 2 files changed +9
-2
lines changed
2 files changed +9
-2
lines changed Original file line number Diff line number Diff line change @@ -121,6 +121,9 @@ def index():
121121 send = URL ('site' )
122122 if session .authorized :
123123 redirect (send )
124+ elif failed_login_count () >= allowed_number_of_attempts :
125+ time .sleep (2 ** allowed_number_of_attempts )
126+ raise HTTP (403 )
124127 elif request .vars .password :
125128 if verify_password (request .vars .password [:1024 ]):
126129 session .authorized = True
Original file line number Diff line number Diff line change @@ -104,13 +104,12 @@ def write_hosts_deny(denied_hosts):
104104 portalocker .unlock (f )
105105 f .close ()
106106
107-
108107def login_record (success = True ):
109108 denied_hosts = read_hosts_deny ()
110109 val = (0 , 0 )
111110 if success and request .client in denied_hosts :
112111 del denied_hosts [request .client ]
113- elif not success and not request . is_local :
112+ elif not success :
114113 val = denied_hosts .get (request .client , (0 , 0 ))
115114 if time .time () - val [1 ] < expiration_failed_logins \
116115 and val [0 ] >= allowed_number_of_attempts :
@@ -121,6 +120,11 @@ def login_record(success=True):
121120 write_hosts_deny (denied_hosts )
122121 return val [0 ]
123122
123+ def failed_login_count ():
124+ denied_hosts = read_hosts_deny ()
125+ val = denied_hosts .get (request .client , (0 , 0 ))
126+ return val [0 ]
127+
124128
125129# ###########################################################
126130# ## session expiration
You can’t perform that action at this time.
0 commit comments