Commit 31a68934 authored by Christophe Maudoux's avatar Christophe Maudoux

Rename BruteForceProtection plugin (#1506)

parent f4b17c7c
......@@ -19,7 +19,7 @@ sub defaultValues {
'authentication' => 'Demo',
'available2F' => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey',
'available2FSelfRegistration' => 'TOTP,U2F,Yubikey',
'brutForceProtection' => 1,
'bruteForceProtection' => 1,
'captcha_mail_enabled' => 1,
'captcha_register_enabled' => 1,
'captcha_size' => 6,
......
......@@ -607,7 +607,7 @@ sub attributes {
'default' => 'TOTP,U2F,Yubikey',
'type' => 'text'
},
'brutForceProtection' => {
'bruteForceProtection' => {
'default' => 1,
'type' => 'bool'
},
......
......@@ -609,10 +609,10 @@ sub attributes {
type => 'bool',
documentation => 'Display login history checkbox in portal',
},
brutForceProtection => {
bruteForceProtection => {
default => 1,
type => 'bool',
documentation => 'Prevent brut force attack after two failed logins',
documentation => 'Prevent brute-force attack',
},
portalForceAuthnInterval => {
type => 'int',
......
......@@ -727,7 +727,7 @@ sub tree {
'trustedDomains',
'useSafeJail',
'checkXSS',
'brutForceProtection',
'bruteForceProtection',
'lwpOpts',
'lwpSslOpts',
{
......
......@@ -102,7 +102,7 @@
"browserIdSiteName":"Site name",
"browserIdVerificationURL":"Verification URL",
"browseTree":"Browse tree",
"brutForceProtection":"Brut force attack protection",
"bruteForceProtection":"Brute-force attack protection",
"cancel":"Cancel",
"captcha_login_enabled":"Activation in login form",
"captcha_mail_enabled":"Activation in password reset by mail form",
......
This source diff could not be displayed because it is too large. You can view the blob instead.
......@@ -474,7 +474,7 @@ t/43-MailReset-with-token.t
t/43-MailReset.t
t/50-IssuerGet.t
t/60-Status.t
t/61-BrutForceProtection.t
t/61-BruteForceAttackProtection.t
t/61-GrantSession.t
t/62-SingleSession.t
t/63-History.t
......
......@@ -19,7 +19,7 @@ our @pList = (
notification => '::Plugins::Notifications',
portalCheckLogins => '::Plugins::History',
stayConnected => '::Plugins::StayConnected',
brutForceProtection => '::Plugins::BrutForceProtection',
bruteForceProtection => '::Plugins::BruteForceProtection',
grantSessionRule => '::Plugins::GrantSession',
upgradeSession => '::Plugins::Upgrade',
autoSigninRules => '::Plugins::AutoSignin',
......
package Lemonldap::NG::Portal::Plugins::BrutForceProtection;
package Lemonldap::NG::Portal::Plugins::BruteForceProtection;
use Data::Dumper;
use strict;
......
use Test::More;
use strict;
use IO::String;
BEGIN {
require 't/test-lib.pm';
}
my $res;
my $client = LLNG::Manager::Test->new(
{
ini => {
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
loginHistoryEnabled => 1,
brutForceProtection => 1,
}
}
);
## First successful connection
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
count(1);
my $id1 = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );
$client->logout($id1);
## Second successful connection
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
count(1);
$id1 = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );
$client->logout($id1);
## First failed connection
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23
),
'Auth query'
);
count(1);
expectReject($res);
## Second failed connection
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23
),
'Auth query'
);
count(1);
expectReject($res);
## Third failed connection
my $start = time;
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
my $stop = time;
count(1);
my $wait = $stop - $start;
ok($wait > 29 && $wait < 32, "Waiting time = $wait");
count(1);
clean_sessions();
done_testing( count() );
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment