indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Show failed login attempts

merge-requests/30/head
Bob Mottram 2021-06-09 14:44:31 +01:00
parent 194d801af8
commit fde879b998
1 changed files with 29 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
daemon.py
View File

@ -1437,15 +1437,42 @@ class PubServer(BaseHTTPRequestHandler):
return return
authHeader = \ authHeader = \
createBasicAuthHeader(loginNickname, loginPassword) createBasicAuthHeader(loginNickname, loginPassword)
ipAddress = self.client_address[0]
print('Login attempt from IP: ' + str(ipAddress))
if not authorizeBasic(baseDir, '/users/' + if not authorizeBasic(baseDir, '/users/' +
loginNickname + '/outbox', loginNickname + '/outbox',
authHeader, False): authHeader, False):
print('Login failed: ' + loginNickname) print('Login failed: ' + loginNickname)
self._clearLoginDetails(loginNickname, callingDomain) self._clearLoginDetails(loginNickname, callingDomain)
self.server.lastLoginFailure = int(time.time()) failTime = int(time.time())
self.server.lastLoginFailure = failTime
if not self.server.loginFailureCount.get(ipAddress):
while len(self.server.loginFailureCount.items()) > 100:
oldestTime = 0
oldestIP = None
for ipAddr, ipItem in self.server.loginFailureCount:
if oldestTime == 0 or ipItem['time'] < oldestTime:
oldestTime = ipItem['time']
oldestIP = ipAddr
if oldestTime > 0:
del self.server.loginFailureCount[oldestIP]
self.server.loginFailureCount[ipAddress] = {
"count": 1,
"time": failTime
}
else:
self.server.loginFailureCount[ipAddress]['count'] += 1
failCount = \
self.server.loginFailureCount[ipAddress]['count']
if failCount > 4:
print('WARN: ' + str(ipAddress) +
' failed to log in ' + str(failCount) + ' times')
self.server.loginFailureCount[ipAddress]['time'] = failTime
self.server.POSTbusy = False self.server.POSTbusy = False
return return
else: else:
if self.server.loginFailureCount.get(ipAddress):
del self.server.loginFailureCount[ipAddress]
if isSuspended(baseDir, loginNickname): if isSuspended(baseDir, loginNickname):
msg = \ msg = \
htmlSuspended(self.server.cssCache, htmlSuspended(self.server.cssCache,
@ -15097,6 +15124,7 @@ def runDaemon(city: str,
httpd.allowDeletion = allowDeletion httpd.allowDeletion = allowDeletion
httpd.lastLoginTime = 0 httpd.lastLoginTime = 0
httpd.lastLoginFailure = 0 httpd.lastLoginFailure = 0
httpd.loginFailureCount = {}
httpd.maxReplies = maxReplies httpd.maxReplies = maxReplies
httpd.tokens = {} httpd.tokens = {}
httpd.tokensLookup = {} httpd.tokensLookup = {}