diff options
author | Joas Schilling <coding@schilljs.com> | 2020-03-19 13:26:24 +0100 |
---|---|---|
committer | Joas Schilling <coding@schilljs.com> | 2020-08-19 11:20:35 +0200 |
commit | c8fea66d658bf722bf0aa903b4d7eb35738a4ea5 (patch) | |
tree | 57d7fb81ba4accd7fa88eac9b4210ff0740c83d9 /lib | |
parent | cdb36c8eadc2b9c2a864941e8d1e585c8f3e18c5 (diff) | |
download | nextcloud-server-c8fea66d658bf722bf0aa903b4d7eb35738a4ea5.tar.gz nextcloud-server-c8fea66d658bf722bf0aa903b4d7eb35738a4ea5.zip |
Split delay calculation from getting the attempts
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/Security/Bruteforce/Throttler.php | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index e5d3c3503ba..a4e0fc3e058 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -94,11 +94,12 @@ class Throttler { /** * Calculate the cut off timestamp * + * @param int $maxAgeHours * @return int */ - private function getCutoffTimestamp(): int { + private function getCutoffTimestamp(int $maxAgeHours): int { return (new \DateTime()) - ->sub($this->getCutoff(43200)) + ->sub($this->getCutoff($maxAgeHours * 3600)) ->getTimestamp(); } @@ -217,15 +218,16 @@ class Throttler { * * @param string $ip * @param string $action optionally filter by action + * @param int $maxAgeHours * @return int */ - public function getDelay($ip, $action = '') { + public function getAttempts(string $ip, string $action = '', int $maxAgeHours = 12): int { $ipAddress = new IpAddress($ip); if ($this->isIPWhitelisted((string)$ipAddress)) { return 0; } - $cutoffTime = $this->getCutoffTimestamp(); + $cutoffTime = $this->getCutoffTimestamp($maxAgeHours); $qb = $this->db->getQueryBuilder(); $qb->select($qb->func()->count('*', 'attempts')) @@ -241,8 +243,18 @@ class Throttler { $row = $result->fetch(); $result->closeCursor(); - $attempts = (int) $row['attempts']; + return (int) $row['attempts']; + } + /** + * Get the throttling delay (in milliseconds) + * + * @param string $ip + * @param string $action optionally filter by action + * @return int + */ + public function getDelay(string $ip, string $action = ''): int { + $attempts = $this->getAttempts($ip, $action); if ($attempts === 0) { return 0; } |