Implement occ command security:bruteforceattemps:reset-for-ip

Signed-off-by: Johannes Riedel <joeried@users.noreply.github.com>

1 files changed, 29 insertions, 6 deletions

diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php
index b5a4dfbfaff..e53c3c66d37 100644
--- a/lib/private/Security/Bruteforce/Throttler.php
+++ b/lib/private/Security/Bruteforce/Throttler.php
@@ -89,6 +89,17 @@ class Throttler {
 	}
 
 	/**
+	 *  Calculate the cut off timestamp
+	 *
+	 * @return int
+	 */
+	private function getCutoffTimestamp(): int {
+		return (new \DateTime())
+			->sub($this->getCutoff(43200))
+			->getTimestamp();
+	}
+
+	/**
 	 * Register a failed attempt to bruteforce a security control
 	 *
 	 * @param string $action
@@ -212,9 +223,7 @@ class Throttler {
 			return 0;
 		}
 
-		$cutoffTime = (new \DateTime())
-			->sub($this->getCutoff(43200))
-			->getTimestamp();
+		$cutoffTime = $this->getCutoffTimestamp();
 
 		$qb = $this->db->getQueryBuilder();
 		$qb->select('*')
@@ -259,9 +268,7 @@ class Throttler {
 			return;
 		}
 
-		$cutoffTime = (new \DateTime())
-			->sub($this->getCutoff(43200))
-			->getTimestamp();
+		$cutoffTime = $this->getCutoffTimestamp();
 
 		$qb = $this->db->getQueryBuilder();
 		$qb->delete('bruteforce_attempts')
@@ -274,6 +281,22 @@ class Throttler {
 	}
 
 	/**
+	 * Reset the throttling delay for an IP address
+	 *
+	 * @param string $ip
+	 */
+	public function resetDelayForIP($ip){
+		$cutoffTime = $this->getCutoffTimestamp();
+
+		$qb = $this->db->getQueryBuilder();
+		$qb->delete('bruteforce_attempts')
+			->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime)))
+			->andWhere($qb->expr()->eq('ip', $qb->createNamedParameter($ip)));
+
+		$qb->execute();
+	}
+
+	/**
 	 * Will sleep for the defined amount of time
 	 *
 	 * @param string $ip