nexedi / gitlab-ce
Commit 161a05b9, authored Mar 22, 2018 by Tiago Botelho
Writes specs
parent f7420102
Changes: 3
Showing 3 changed files with 88 additions and 45 deletions (+88 -45)
app/controllers/omniauth_callbacks_controller.rb (+4 -2)
changelogs/unreleased/43525-limit-number-of-failed-logins-using-ldap.yml (+5 -0)
spec/controllers/omniauth_callbacks_controller_spec.rb (+79 -43)
app/controllers/omniauth_callbacks_controller.rb (view file @ 161a05b9)
...
...
@@ -21,9 +21,11 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
# Extend the standard implementation to also increment
# the number of failed sign in attempts
def
failure
user
=
User
.
find_by_username
(
params
[
:username
])
if
params
[
:username
].
present?
&&
AuthHelper
.
form_based_provider?
(
failed_strategy
.
name
)
user
=
User
.
by_login
(
params
[
:username
])
user
&
.
increment_failed_attempts!
end
super
end
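Review bot: the new guard `params[:username].present? && AuthHelper.form_based_provider?(failed_strategy.name)` dereferences `failed_strategy` unconditionally, and Devise populates that from `request.env['omniauth.error.strategy']` (the spec has to set exactly that header to make the method work); if a failure reaches this action without the header, `failed_strategy.name` raises NoMethodError before `super` runs and the user gets a 500 instead of the failure page. Consider `failed_strategy&.name` or checking the strategy before calling `name` on it. The comment above the method still reads "also increment the number of failed sign in attempts"; update it to say the counter is only incremented for form-based providers, since the whole point of the guard is that a `username` parameter sent to a button-based provider's callback must not lock an unrelated account. The switch from `User.find_by_username` to `User.by_login` also changes which accounts the attacker-controlled `username` value can resolve to, so worth a line in the MR description.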
...
...
changelogs/unreleased/43525-limit-number-of-failed-logins-using-ldap.yml (new file, mode 100644, view file @ 161a05b9)
---
title
:
Limit the number of failed logins when using LDAP for authentication
merge_request
:
43525
author
:
type
:
added
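Review bot: the title says the limit applies "when using LDAP for authentication", but the controller change gates on `AuthHelper.form_based_provider?`, which by its name covers any form-based provider rather than LDAP specifically; either word the entry as "form-based providers such as LDAP" or narrow the check in the controller to match. `author:` is left empty, which is fine for a team member's MR but should otherwise be filled in.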
spec/controllers/omniauth_callbacks_controller_spec.rb (view file @ 161a05b9)
...
...
@@ -10,6 +10,41 @@ describe OmniauthCallbacksController do
stub_omniauth_provider
(
provider
,
context:
request
)
end
context
'when the user is on the last sign in attempt'
do
let
(
:extern_uid
)
{
'my-uid'
}
before
do
user
.
update
(
failed_attempts:
User
.
maximum_attempts
.
pred
)
subject
.
response
=
ActionDispatch
::
Response
.
new
end
context
'when using a form based provider'
do
let
(
:provider
)
{
:ldap
}
it
'locks the user when sign in fails'
do
allow
(
subject
).
to
receive
(
:params
).
and_return
(
ActionController
::
Parameters
.
new
(
username:
user
.
username
))
request
.
env
[
'omniauth.error.strategy'
]
=
OmniAuth
::
Strategies
::
LDAP
.
new
(
nil
)
subject
.
send
(
:failure
)
expect
(
user
.
reload
).
to
be_access_locked
end
end
context
'when using a button based provider'
do
let
(
:provider
)
{
:github
}
it
'does not lock the user when sign in fails'
do
request
.
env
[
'omniauth.error.strategy'
]
=
OmniAuth
::
Strategies
::
GitHub
.
new
(
nil
)
subject
.
send
(
:failure
)
expect
(
user
.
reload
).
not_to
be_access_locked
end
end
end
context
'strategies'
do
context
'github'
do
let
(
:extern_uid
)
{
'my-uid'
}
let
(
:provider
)
{
:github
}
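Review bot: the 'when using a button based provider' example never stubs `params` with a username, so `params[:username].present?` is already false and the test passes without the `form_based_provider?` branch being evaluated at all. Stub params the same way the ldap example does, `allow(subject).to receive(:params).and_return(ActionController::Parameters.new(username: user.username))`, so the test actually proves that a username submitted to a GitHub callback does not lock the account; as written it would also pass if the provider check were removed. Two smaller points: `subject.response = ActionDispatch::Response.new` in the `before` block is there only because `super` in `failure` needs a response object when the action is invoked via `subject.send(:failure)` rather than through routing, and a one-line comment saying so would save the next reader a detour; and `let(:extern_uid) { 'my-uid' }` is now declared both in the new context and in the 'strategies' / 'github' context right below it, so consider hoisting it to the outer describe.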
...
...
@@ -89,4 +124,5 @@ describe OmniauthCallbacksController do
expect
(
controller
).
to
set_flash
[
:alert
].
to
(
'Wrong extern UID provided. Make sure Auth0 is configured correctly.'
)
end
end
end
end