indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Snake case

merge-requests/30/head
Bob Mottram 2021-12-25 22:42:29 +00:00
parent 8949c85a29
commit f076ad82c0
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
daemon.py
View File

@ -1641,7 +1641,7 @@ class PubServer(BaseHTTPRequestHandler):
""" """
# ensure that there is a minimum delay between failed login # ensure that there is a minimum delay between failed login
# attempts, to mitigate brute force # attempts, to mitigate brute force
if int(time.time()) - self.server.lastLoginFailure < 5: if int(time.time()) - self.server.last_login_failure < 5:
self._503() self._503()
self.server.POSTbusy = False self.server.POSTbusy = False
return return
@ -1676,7 +1676,7 @@ class PubServer(BaseHTTPRequestHandler):
loginNickname, loginPassword, register = \ loginNickname, loginPassword, register = \
htmlGetLoginCredentials(loginParams, htmlGetLoginCredentials(loginParams,
self.server.lastLoginTime, self.server.last_login_time,
self.server.domain) self.server.domain)
if loginNickname: if loginNickname:
if isSystemAccount(loginNickname): if isSystemAccount(loginNickname):
@ -1685,7 +1685,7 @@ class PubServer(BaseHTTPRequestHandler):
self._clearLoginDetails(loginNickname, callingDomain) self._clearLoginDetails(loginNickname, callingDomain)
self.server.POSTbusy = False self.server.POSTbusy = False
return return
self.server.lastLoginTime = int(time.time()) self.server.last_login_time = int(time.time())
if register: if register:
if not validPassword(loginPassword): if not validPassword(loginPassword):
self.server.POSTbusy = False self.server.POSTbusy = False
@ -1737,7 +1737,7 @@ class PubServer(BaseHTTPRequestHandler):
print('Login failed: ' + loginNickname) print('Login failed: ' + loginNickname)
self._clearLoginDetails(loginNickname, callingDomain) self._clearLoginDetails(loginNickname, callingDomain)
failTime = int(time.time()) failTime = int(time.time())
self.server.lastLoginFailure = failTime self.server.last_login_failure = failTime
if not domain.endswith('.onion'): if not domain.endswith('.onion'):
if not isLocalNetworkAddress(ipAddress): if not isLocalNetworkAddress(ipAddress):
recordLoginFailure(base_dir, ipAddress, recordLoginFailure(base_dir, ipAddress,
@ -18755,8 +18755,8 @@ def runDaemon(content_license_url: str,
httpd.postLog = [] httpd.postLog = []
httpd.maxQueueLength = 64 httpd.maxQueueLength = 64
httpd.allow_deletion = allow_deletion httpd.allow_deletion = allow_deletion
httpd.lastLoginTime = 0 httpd.last_login_time = 0
httpd.lastLoginFailure = 0 httpd.last_login_failure = 0
httpd.loginFailureCount = {} httpd.loginFailureCount = {}
httpd.log_login_failures = log_login_failures httpd.log_login_failures = log_login_failures
httpd.max_replies = max_replies httpd.max_replies = max_replies

4
webapp_login.py
View File

@ -21,7 +21,7 @@ from theme import getTextModeLogo
def htmlGetLoginCredentials(loginParams: str, def htmlGetLoginCredentials(loginParams: str,
lastLoginTime: int, last_login_time: int,
domain: str) -> (str, str, bool): domain: str) -> (str, str, bool):
"""Receives login credentials via HTTPServer POST """Receives login credentials via HTTPServer POST
""" """
@ -29,7 +29,7 @@ def htmlGetLoginCredentials(loginParams: str,
return None, None, None return None, None, None
# minimum time between login attempts # minimum time between login attempts
currTime = int(time.time()) currTime = int(time.time())
if currTime < lastLoginTime+10: if currTime < last_login_time+10:
return None, None, None return None, None, None
if '&' not in loginParams: if '&' not in loginParams:
return None, None, None return None, None, None