configurable user lockout
This commit is contained in:
parent
221389089c
commit
1ee016c997
|
@ -219,7 +219,7 @@ namespace Emby.Server.Implementations.Library
|
|||
//This is some regex that matches only on unicode "word" characters, as well as -, _ and @
|
||||
//In theory this will cut out most if not all 'control' characters which should help minimize any weirdness
|
||||
// Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), dashes (-), underscores (_), apostrophes ('), and periods (.)
|
||||
return Regex.IsMatch(username, "^[\\w-'._@]*$");
|
||||
return Regex.IsMatch(username, @"^[\w-'._@]*$");
|
||||
}
|
||||
|
||||
private static bool IsValidUsernameCharacter(char i)
|
||||
|
@ -448,11 +448,19 @@ namespace Emby.Server.Implementations.Library
|
|||
|
||||
user.Policy.InvalidLoginAttemptCount = newValue;
|
||||
|
||||
var maxCount = user.Policy.IsAdministrator ? 3 : 5;
|
||||
// Check for users without a value here and then fill in the default value
|
||||
// also protect from an always lockout if misconfigured
|
||||
if (user.Policy.LoginAttemptsBeforeLockout == null || user.Policy.LoginAttemptsBeforeLockout == 0)
|
||||
{
|
||||
user.Policy.LoginAttemptsBeforeLockout = user.Policy.IsAdministrator ? 5 : 3;
|
||||
}
|
||||
|
||||
var maxCount = user.Policy.LoginAttemptsBeforeLockout;
|
||||
|
||||
var fireLockout = false;
|
||||
|
||||
if (newValue >= maxCount)
|
||||
// -1 can be used to specify no lockout value
|
||||
if (maxCount != -1 && newValue >= maxCount)
|
||||
{
|
||||
_logger.LogDebug("Disabling user {0} due to {1} unsuccessful login attempts.", user.Name, newValue);
|
||||
user.Policy.IsDisabled = true;
|
||||
|
|
|
@ -66,6 +66,7 @@ namespace MediaBrowser.Model.Users
|
|||
public bool EnableAllFolders { get; set; }
|
||||
|
||||
public int InvalidLoginAttemptCount { get; set; }
|
||||
public int? LoginAttemptsBeforeLockout { get; set; }
|
||||
|
||||
public bool EnablePublicSharing { get; set; }
|
||||
|
||||
|
@ -104,6 +105,8 @@ namespace MediaBrowser.Model.Users
|
|||
|
||||
AccessSchedules = Array.Empty<AccessSchedule>();
|
||||
|
||||
LoginAttemptsBeforeLockout = -1;
|
||||
|
||||
EnableAllChannels = true;
|
||||
EnabledChannels = Array.Empty<string>();
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user