login-control 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/login_control_module.rb +2 -2
- data/lib/login_control_view_helper.rb +7 -7
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6836209796584aad1dbcf76ec600cd30e1612929c827a50fce7e314f0855076b
|
4
|
+
data.tar.gz: 989f4356315dc1ad769f3ed4ea3a3b14afd89af6538df5a243e1ac2856bcf310
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b7055e036d046c5568cdbe7adce1f90fad68a948656454aa5fe6b7a649f728c630cf28b70df01f4c209b6cc31616b9fa68a61e666804b15941a718ec6fb2520e
|
7
|
+
data.tar.gz: bc180a24f2b6673a28a35e11ceeb795f5a347f1d6186fe7f8c0a8935d53effae209e18ca0370dafe7be154be71144316b246af19f92219780f2fa3810fa38727
|
data/lib/login_control_module.rb
CHANGED
@@ -13,7 +13,7 @@ module LoginControlModule
|
|
13
13
|
rec.sign_in_success = rec.sign_in_success.to_i + 1
|
14
14
|
rec.attempts = 1
|
15
15
|
rec.save!
|
16
|
-
logger.info "
|
16
|
+
logger.info "LOGIN-CONTROL => #{rec.sign_in_success}. successful request noticed" if debug_request_control
|
17
17
|
end
|
18
18
|
|
19
19
|
# stores cookie, counts up attempts
|
@@ -22,7 +22,7 @@ module LoginControlModule
|
|
22
22
|
rec = find_or_build_rc_record(scope, login_name)
|
23
23
|
rec.attempts = rec.attempts.to_i + 1
|
24
24
|
rec.save!
|
25
|
-
logger.info "
|
25
|
+
logger.info "LOGIN-CONTROL => #{rec.attempts}. failed request noticed" if debug_request_control
|
26
26
|
end
|
27
27
|
|
28
28
|
private
|
@@ -7,29 +7,29 @@ module LoginControlViewHelper
|
|
7
7
|
debug = (Rails.configuration.x.login_control.debug || !Rails.env.production?)
|
8
8
|
rc_id = cookies.encrypted.permanent[:login_control]
|
9
9
|
if request.host == 'localhost'
|
10
|
-
logger.info '
|
10
|
+
logger.info 'LOGIN-CONTROL => no captcha because of localhost' if debug
|
11
11
|
false
|
12
12
|
elsif !rc_id.present?
|
13
|
-
logger.info '
|
13
|
+
logger.info 'LOGIN-CONTROL => captcha because no cookie stored yet' if debug
|
14
14
|
true
|
15
15
|
else
|
16
|
-
logger.info '
|
16
|
+
logger.info 'LOGIN-CONTROL => cookie found ...' if debug
|
17
17
|
rec = LoginControl.find_by(session_id: rc_id, scope: scope, login_name: login_name)
|
18
18
|
if !rec
|
19
|
-
logger.info '
|
19
|
+
logger.info 'LOGIN-CONTROL => captcha required because no record found(!)' if debug
|
20
20
|
true
|
21
21
|
else
|
22
|
-
logger.info '
|
22
|
+
logger.info 'LOGIN-CONTROL => record found ...' if debug
|
23
23
|
captcha_requested = true
|
24
24
|
|
25
25
|
attempts_allowed = (Rails.configuration.x.login_control.attempts_allowed || 10)
|
26
26
|
retry_after_seconds = (Rails.configuration.x.login_control.retry_after_seconds || 30)
|
27
|
-
logger.info "
|
27
|
+
logger.info "LOGIN-CONTROL => #{rec.attempts.to_i}. attempt (config.x.attempts_allowed: #{attempts_allowed})" if debug
|
28
28
|
|
29
29
|
if rec.attempts.to_i <= attempts_allowed
|
30
30
|
secs = Time.now - rec.updated_at
|
31
31
|
captcha_requested = retry_after_seconds.to_f >= secs
|
32
|
-
logger.info "
|
32
|
+
logger.info "LOGIN-CONTROL => captcha #{captcha_requested ? '' : 'NOT '}requested: config.x.retry_after_seconds(#{retry_after_seconds}) >= secs(#{secs})" if debug
|
33
33
|
end
|
34
34
|
|
35
35
|
rec.update!(validate_captcha: captcha_requested)
|