-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Class Throttler implements the bruteforce protection for security actions in Nextcloud. It is working by logging invalid login attempts to the database and slowing down all login attempts from the same subnet. The max delay is 30 seconds and the starting delay are 200 milliseconds. (after the first failed login)
- Loading branch information
1 parent
7cdf640
commit 98b8ed0
Showing
25 changed files
with
654 additions
and
68 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,4 @@ | ||
<?php | ||
|
||
/** | ||
* @author Christoph Wurst <[email protected]> | ||
* | ||
|
@@ -23,6 +22,7 @@ | |
namespace OC\Core\Controller; | ||
|
||
use OC\AppFramework\Http; | ||
use OC\AppFramework\Utility\TimeFactory; | ||
use OC\Authentication\Token\DefaultTokenProvider; | ||
use OC\Authentication\Token\IProvider; | ||
use OC\Authentication\Token\IToken; | ||
|
@@ -35,27 +35,29 @@ | |
use OCP\Security\ISecureRandom; | ||
|
||
class TokenController extends Controller { | ||
|
||
/** @var UserManager */ | ||
private $userManager; | ||
|
||
/** @var IProvider */ | ||
private $tokenProvider; | ||
|
||
/** @var TwoFactorAuthManager */ | ||
private $twoFactorAuthManager; | ||
|
||
/** @var ISecureRandom */ | ||
private $secureRandom; | ||
|
||
/** | ||
* @param string $appName | ||
* @param IRequest $request | ||
* @param Manager $userManager | ||
* @param DefaultTokenProvider $tokenProvider | ||
* @param UserManager $userManager | ||
* @param IProvider $tokenProvider | ||
* @param TwoFactorAuthManager $twoFactorAuthManager | ||
* @param ISecureRandom $secureRandom | ||
*/ | ||
public function __construct($appName, IRequest $request, UserManager $userManager, IProvider $tokenProvider, TwoFactorAuthManager $twoFactorAuthManager, ISecureRandom $secureRandom) { | ||
public function __construct($appName, | ||
IRequest $request, | ||
UserManager $userManager, | ||
IProvider $tokenProvider, | ||
TwoFactorAuthManager $twoFactorAuthManager, | ||
ISecureRandom $secureRandom) { | ||
parent::__construct($appName, $request); | ||
$this->userManager = $userManager; | ||
$this->tokenProvider = $tokenProvider; | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.