-rw-r--r--core/Controller/LoginController.php16
-rw-r--r--core/templates/login.php6
2 files changed, 18 insertions, 4 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index e53095a7de7..d3659a1c48c 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -34,6 +34,7 @@
namespace OC\Core\Controller;
use OC\Authentication\TwoFactorAuth\Manager;
+use OC\Security\Bruteforce\Throttler;
use OC\User\Session;
use OC_App;
use OC_Util;
@@ -72,6 +73,8 @@ class LoginController extends Controller {
private $twoFactorManager;
/** @var Defaults */
private $defaults;
+ /** @var Throttler */
+ private $throttler;
/**
* @param string $appName
@@ -84,6 +87,7 @@ class LoginController extends Controller {
* @param ILogger $logger
* @param Manager $twoFactorManager
* @param Defaults $defaults
+ * @param Throttler $throttler
*/
public function __construct($appName,
IRequest $request,
@@ -94,7 +98,8 @@ class LoginController extends Controller {
IURLGenerator $urlGenerator,
ILogger $logger,
Manager $twoFactorManager,
- Defaults $defaults) {
+ Defaults $defaults,
+ Throttler $throttler) {
parent::__construct($appName, $request);
$this->userManager = $userManager;
$this->config = $config;
@@ -104,6 +109,7 @@ class LoginController extends Controller {
$this->logger = $logger;
$this->twoFactorManager = $twoFactorManager;
$this->defaults = $defaults;
+ $this->throttler = $throttler;
}
/**
@@ -153,7 +159,7 @@ class LoginController extends Controller {
}
$parameters['messages'] = $messages;
- if (!is_null($user) && $user !== '') {
+ if ($user !== null && $user !== '') {
$parameters['loginName'] = $user;
$parameters['user_autofocus'] = false;
} else {
@@ -167,7 +173,7 @@ class LoginController extends Controller {
$parameters['canResetPassword'] = true;
$parameters['resetPasswordLink'] = $this->config->getSystemValue('lost_password_link', '');
if (!$parameters['resetPasswordLink']) {
- if (!is_null($user) && $user !== '') {
+ if ($user !== null && $user !== '') {
$userObj = $this->userManager->get($user);
if ($userObj instanceof IUser) {
$parameters['canResetPassword'] = $userObj->canChangePassword();
@@ -181,7 +187,7 @@ class LoginController extends Controller {
$parameters['rememberLoginState'] = !empty($remember_login) ? $remember_login : 0;
$parameters['hideRemeberLoginState'] = !empty($redirect_url) && $this->session->exists('client.flow.state.token');
- if (!is_null($user) && $user !== '') {
+ if ($user !== null && $user !== '') {
$parameters['loginName'] = $user;
$parameters['user_autofocus'] = false;
} else {
@@ -189,6 +195,8 @@ class LoginController extends Controller {
$parameters['user_autofocus'] = true;
}
+ $parameters['throttle_delay'] = $this->throttler->getDelay($this->request->getRemoteAddress());
+
// OpenGraph Support: http://ogp.me/
Util::addHeader('meta', ['property' => 'og:title', 'content' => Util::sanitizeHTML($this->defaults->getName())]);
Util::addHeader('meta', ['property' => 'og:description', 'content' => Util::sanitizeHTML($this->defaults->getSlogan())]);
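Review bot: The added `throttle_delay` line keys the lookup on `$this->request->getRemoteAddress()`, so the warning is only as accurate as that address. How the address is resolved is not visible in this hunk, but behind a reverse proxy it presumably depends on the `trusted_proxies` setting: without it, every client behind the proxy would share one counter and see the warning, and a forwarded header that is not restricted to trusted proxies would key the counter on a client-supplied value. I would add a comment above the line, e.g. `// Display only; relies on getRemoteAddress() resolving the real client IP (trusted_proxies must be set behind a proxy)`. The lookup also runs on every render of the login form for unauthenticated visitors, which is worth confirming is cheap. The enclosing method starts and ends outside the hunk.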
diff --git a/core/templates/login.php b/core/templates/login.php
index de991e08d97..3452622907e 100644
--- a/core/templates/login.php
+++ b/core/templates/login.php
@@ -62,6 +62,12 @@ script('core', 'merged-login');
</p>
<?php } ?>
+ <?php if ($_['throttle_delay'] > 5000) { ?>
+ <p class="warning throttledMsg">
+ <?php p($l->t('We have detected multiple invalid login attempts from your ip. Because of this we throttle your connection. Login can take up to 30 seconds.')); ?>
+ </p>
+ <?php } ?>
+
<?php if (!empty($_['canResetPassword'])) { ?>
<div id="reset-password-wrapper" style="display: none;">
<input type="submit" id="reset-password-submit" class="login primary" title="" value="<?php p($l->t('Reset password')); ?>" disabled="disabled" />
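Review bot: The new condition reads `$_['throttle_delay']` without a guard, while the neighbouring block uses `!empty($_['canResetPassword'])`. Any other code path that renders this template without setting the key would raise an undefined-index notice on the login page. `<?php if (!empty($_['throttle_delay']) && $_['throttle_delay'] > 5000) { ?>` keeps it consistent with the rest of the template. The `5000` threshold and the "30 seconds" in the message are literals that presumably mirror limits defined in the Throttler, so the text goes stale if those change. A short comment naming the unit (milliseconds, as far as the comparison suggests) and where the maximum comes from would help.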