|
@ -49,6 +49,11 @@ class LoginController(Home): |
|
|
[('key', '=', 'auth_brute_force.max_attempt_qty')], |
|
|
[('key', '=', 'auth_brute_force.max_attempt_qty')], |
|
|
['value'])[0]['value']) |
|
|
['value'])[0]['value']) |
|
|
|
|
|
|
|
|
|
|
|
environ_log = config_obj.search_read( |
|
|
|
|
|
cursor, SUPERUSER_ID, |
|
|
|
|
|
[('key', '=', 'auth_brute_force.environ_log')], |
|
|
|
|
|
['value']) |
|
|
|
|
|
|
|
|
# Test if remote user is banned |
|
|
# Test if remote user is banned |
|
|
banned = banned_remote_obj.search(cursor, SUPERUSER_ID, [ |
|
|
banned = banned_remote_obj.search(cursor, SUPERUSER_ID, [ |
|
|
('remote', '=', remote)]) |
|
|
('remote', '=', remote)]) |
|
@ -68,10 +73,20 @@ class LoginController(Home): |
|
|
|
|
|
|
|
|
# Log attempt |
|
|
# Log attempt |
|
|
cursor.commit() |
|
|
cursor.commit() |
|
|
|
|
|
|
|
|
|
|
|
environ = '' |
|
|
|
|
|
if environ_log: |
|
|
|
|
|
filter_value = environ_log[0]['value'] |
|
|
|
|
|
filter_keys = [k.strip() for k in filter_value.split(',')] |
|
|
|
|
|
for key, value in request.httprequest.environ.items(): |
|
|
|
|
|
if key in filter_keys or filter_value == '*': |
|
|
|
|
|
environ += '%s=%s\n' % (key, value) |
|
|
|
|
|
|
|
|
attempt_obj.create(cursor, SUPERUSER_ID, { |
|
|
attempt_obj.create(cursor, SUPERUSER_ID, { |
|
|
'attempt_date': fields.Datetime.now(), |
|
|
'attempt_date': fields.Datetime.now(), |
|
|
'login': request.params['login'], |
|
|
'login': request.params['login'], |
|
|
'remote': remote, |
|
|
'remote': remote, |
|
|
|
|
|
'environ': environ, |
|
|
'result': banned and 'banned' or ( |
|
|
'result': banned and 'banned' or ( |
|
|
result and 'successfull' or 'failed'), |
|
|
result and 'successfull' or 'failed'), |
|
|
}) |
|
|
}) |
|
|