Add LoginFailMsg to the model & ban a user who enters a wrong password too many times.

This commit is contained in:
Firmlyzhu 2018-12-12 19:10:05 +08:00
parent dc1b6ff640
commit d5f6b2b414
3 changed files with 46 additions and 4 deletions


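--- a/<path not shown on page>
+++ b/<path not shown on page>
@@ -1,6 +1,9 @@
 server
 {
 listen %NGINX_PORT;
+#ssl on;
+#ssl_certificate /etc/nginx/ssl/1604242_iwork.pku.edu.cn.pem;
+#ssl_certificate_key /etc/nginx/ssl/1604242_iwork.pku.edu.cn.key;
 server_name nginx_docklet.conf;
 charset UTF-8;
 add_header X-Frame-Options SAMEORIGIN;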
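Review bot: The three `ssl` directives added after `listen %NGINX_PORT;` are commented out, so this vhost still serves plain HTTP, and if the login form goes through it the password that the new lockout logic protects is transmitted in the clear. If these lines are meant as a deployment placeholder, a comment saying so and using a substitution variable for the certificate path (as `%NGINX_PORT` does for the port) would make that explicit instead of tying the template to one host's certificate file names. Note also that `ssl on;` is deprecated in favour of `listen %NGINX_PORT ssl;`, so the first line should not be revived as written.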


@ -7,7 +7,7 @@ Warning: in some early versions, "token" stand for the instance of class model.U
Original author: Liu Peidong Original author: Liu Peidong
''' '''
from utils.model import db, User, UserGroup, Notification, UserUsage, LoginMsg from utils.model import db, User, UserGroup, Notification, UserUsage, LoginMsg, LoginFailMsg
from functools import wraps from functools import wraps
import os, subprocess, math import os, subprocess, math
import hashlib import hashlib
@ -19,7 +19,7 @@ import smtplib
from email.mime.text import MIMEText from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart from email.mime.multipart import MIMEMultipart
from email.header import Header from email.header import Header
from datetime import datetime from datetime import datetime, timedelta
import json import json
from utils.log import logger from utils.log import logger
from utils.lvmtool import * from utils.lvmtool import *
@ -144,7 +144,6 @@ class userManager:
''' '''
try: try:
User.query.all() User.query.all()
LoginMsg.query.all()
except: except:
db.create_all() db.create_all()
if password == None: if password == None:
@ -202,6 +201,8 @@ class userManager:
try: try:
UserUsage.query.all() UserUsage.query.all()
LoginMsg.query.all()
LoginFailMsg.query.all()
except: except:
db.create_all() db.create_all()
@ -327,7 +328,22 @@ class userManager:
return a token as well as some user information return a token as well as some user information
''' '''
user = User.query.filter_by(username = username).first() user = User.query.filter_by(username = username).first()
failmsg = LoginFailMsg.query.filter_by(username = username).first()
result = {} result = {}
if failmsg == None:
newfailmsg = LoginFailMsg(username)
db.session.add(newfailmsg)
db.session.commit()
failmsg = newfailmsg
elif failmsg.failcnt > 40:
reason = "You have been input wrong password over 40 times. You account will be locked. Please contact administrators for help."
logger.info("Login failed: userip=%s reason:%s" % (userip,reason))
return {'success':'false', 'reason':reason}
elif datetime.now() < failmsg.bantime:
reason = "You have been input wrong password %d times. Please try after %s." % (failmsg.failcnt, failmsg.bantime.strftime("%Y-%m-%d %H:%M:%S"))
logger.info("Login failed: userip=%s reason:%s" % (userip,reason))
return {'success':'false', 'reason':reason}
if (user == None or user.auth_method =='local'): if (user == None or user.auth_method =='local'):
result = self.auth_local(username, password) result = self.auth_local(username, password)
elif (user.auth_method == 'pam'): elif (user.auth_method == 'pam'):
@ -337,11 +353,20 @@ class userManager:
if result['success'] == 'true': if result['success'] == 'true':
loginmsg = LoginMsg(result['data']['username'],userip) loginmsg = LoginMsg(result['data']['username'],userip)
failmsg.failcnt = 0
db.session.add(loginmsg) db.session.add(loginmsg)
db.session.commit() db.session.commit()
logger.info("Login success: username=%s, userip=%s" % (result['data']['username'], userip)) logger.info("Login success: username=%s, userip=%s" % (result['data']['username'], userip))
else: else:
logger.info("Login failed: userip=%s" % (userip)) logger.info("Login failed: userip=%s" % (userip))
failmsg.failcnt += 1
if failmsg.failcnt == 10:
failmsg.bantime = datetime.now() + timedelta(minutes=10)
elif failmsg.failcnt == 20:
failmsg.bantime = datetime.now() + timedelta(minutes=100)
elif failmsg.failcnt == 30:
failmsg.bantime = datetime.now() + timedelta(days=1)
db.session.commit()
return result return result
def auth_token(self, token): def auth_token(self, token):
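Review bot: In the `else:` branch after `logger.info("Login failed: userip=%s" % (userip))` the ban is only set when `failcnt` is exactly 10, 20 or 30, so once a ban expires every further wrong password up to the next threshold is processed with no delay, and past 40 the `failmsg.failcnt > 40` check at the top of `login` locks the account with no automatic recovery. Because the `LoginFailMsg` row is keyed on the submitted username and is created in the `failmsg == None` branch before authentication runs, any unauthenticated request grows the table with arbitrary names, and a real account can be driven to the permanent lock by repeated bad guesses from anyone who knows its name, so the lock should be recoverable (time-bounded or administrator-resettable) and the row should only be created once a login has actually failed. Moving creation into the failure branch means the two pre-auth checks need a guard, `elif failmsg is not None and failmsg.failcnt > 40:` and `elif failmsg is not None and datetime.now() < failmsg.bantime:`, and the success path below needs the same guard before `failmsg.failcnt = 0`. The rewrite below also uses `>=` so that each failure past a threshold renews the corresponding ban, which reads as the intent of the tiers — confirm if the exact-count behaviour was deliberate; `login` itself starts before the first hunk of this file section.
```python
        if result['success'] == 'true':
            loginmsg = LoginMsg(result['data']['username'],userip)
            if failmsg is not None:
                failmsg.failcnt = 0
            db.session.add(loginmsg)
            db.session.commit()
            # … unchanged: success log line …
        else:
            logger.info("Login failed: userip=%s" % (userip))
            if failmsg is None:
                # only record a counter for names that actually failed authentication
                failmsg = LoginFailMsg(username)
                db.session.add(failmsg)
            failmsg.failcnt += 1
            # >= rather than ==: every failure past a tier renews that tier's ban
            if failmsg.failcnt >= 30:
                failmsg.bantime = datetime.now() + timedelta(days=1)
            elif failmsg.failcnt >= 20:
                failmsg.bantime = datetime.now() + timedelta(minutes=100)
            elif failmsg.failcnt >= 10:
                failmsg.bantime = datetime.now() + timedelta(minutes=10)
            db.session.commit()
        return result
```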


@ -221,6 +221,20 @@ class LoginMsg(db.Model):
def __repr__(self): def __repr__(self):
return '<id=%d, username=%s, userip=%s, time=%s>' % (self.id,self.username,self.userip,self.time.strftime("%Y-%m-%d %H:%M:%S")) return '<id=%d, username=%s, userip=%s, time=%s>' % (self.id,self.username,self.userip,self.time.strftime("%Y-%m-%d %H:%M:%S"))
class LoginFailMsg(db.Model):
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(10), unique=True)
failcnt = db.Column(db.Integer)
bantime = db.Column(db.DateTime)
def __init__(self, username):
self.username = username
self.failcnt = 0
self.bantime = datetime.now()
def __repr__(self):
return '<id=%d, username=%s, failcnt=%d, bantime=%s>' % (self.id,self.username,self.failcnt,self.bantime.strftime("%Y-%m-%d %H:%M:%S"))
class VNode(db.Model): class VNode(db.Model):
__bind_key__ = 'history' __bind_key__ = 'history'
name = db.Column(db.String(100), primary_key=True) name = db.Column(db.String(100), primary_key=True)
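Review bot: `LoginFailMsg.__repr__` formats `self.id` with `%d`, which raises `TypeError` for an instance that has not been flushed yet (`id` is still `None`), exactly the state a new row is in between `LoginFailMsg(username)` and the commit in `login`; `%r` for `id` avoids that: `return '<id=%r, username=%s, failcnt=%d, bantime=%s>' % (self.id,self.username,self.failcnt,self.bantime.strftime("%Y-%m-%d %H:%M:%S"))`. `LoginMsg.__repr__` just above has the same pattern. `username` is declared `db.String(10)` while `login` stores whatever name was submitted in the request, so on a backend that enforces declared lengths a longer submission fails at commit time instead of being counted — worth matching `User.username`'s declared length or validating before insert. A short class docstring would also help, e.g. `"""Per-username failed-login counter; bantime is the moment before which login attempts are rejected."""`, and `failcnt` and `bantime` could be declared `nullable=False` since `__init__` always sets them.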