source.dussan.org Git - nextcloud-server.git/commit

]> source.dussan.org Git - nextcloud-server.git/commit

projects / nextcloud-server.git / commit

author	Lukas Reschke <lukas@statuscode.ch>
	Thu, 13 Apr 2017 20:50:44 +0000 (22:50 +0200)
committer	Lukas Reschke <lukas@statuscode.ch>
	Thu, 13 Apr 2017 21:05:33 +0000 (23:05 +0200)
commit	8149945a916447b4e7dae8182dbf0c354e7d19e8
tree	3217c40a9071b56191bf4dd979900defa4888c5f	tree \| snapshot
parent	d0c0f6cfc1871c90cd43d3b005206a360b5bb540	commit \| diff

Make BruteForceProtection annotation more clever

This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.

Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

core/Controller/LoginController.php		diff \| blob \| history
lib/composer/composer/autoload_classmap.php		diff \| blob \| history
lib/composer/composer/autoload_static.php		diff \| blob \| history
lib/private/AppFramework/DependencyInjection/DIContainer.php		diff \| blob \| history
lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php	[new file with mode: 0644]	blob
lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php		diff \| blob \| history
lib/public/AppFramework/Http/Response.php		diff \| blob \| history
tests/Core/Controller/LoginControllerTest.php		diff \| blob \| history
tests/lib/AppFramework/Http/ResponseTest.php		diff \| blob \| history
tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php	[new file with mode: 0644]	blob
tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php		diff \| blob \| history

Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

RSS Atom