From 7cab7feb38b0456ac923869e7dad5976d2ab874a Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma
Date: Sat, 13 Jan 2018 21:12:22 +0100
Subject: Display message when connection is throttled on logi page
Signed-off-by: Roeland Jago Douma
---
core/Controller/LoginController.php | 16 ++++++++++++----
core/templates/login.php | 6 ++++++
2 files changed, 18 insertions(+), 4 deletions(-)
(limited to 'core')
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index e53095a7de7..d3659a1c48c 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -34,6 +34,7 @@
namespace OC\Core\Controller;
use OC\Authentication\TwoFactorAuth\Manager;
+use OC\Security\Bruteforce\Throttler;
use OC\User\Session;
use OC_App;
use OC_Util;
@@ -72,6 +73,8 @@ class LoginController extends Controller {
private $twoFactorManager;
/** @var Defaults */
private $defaults;
+ /** @var Throttler */
+ private $throttler;
/**
* @param string $appName
@@ -84,6 +87,7 @@ class LoginController extends Controller {
* @param ILogger $logger
* @param Manager $twoFactorManager
* @param Defaults $defaults
+ * @param Throttler $throttler
*/
public function __construct($appName,
IRequest $request,
@@ -94,7 +98,8 @@ class LoginController extends Controller {
IURLGenerator $urlGenerator,
ILogger $logger,
Manager $twoFactorManager,
- Defaults $defaults) {
+ Defaults $defaults,
+ Throttler $throttler) {
parent::__construct($appName, $request);
$this->userManager = $userManager;
$this->config = $config;
@@ -104,6 +109,7 @@ class LoginController extends Controller {
$this->logger = $logger;
$this->twoFactorManager = $twoFactorManager;
$this->defaults = $defaults;
+ $this->throttler = $throttler;
}
/**
@@ -153,7 +159,7 @@ class LoginController extends Controller {
}
$parameters['messages'] = $messages;
- if (!is_null($user) && $user !== '') {
+ if ($user !== null && $user !== '') {
$parameters['loginName'] = $user;
$parameters['user_autofocus'] = false;
} else {
@@ -167,7 +173,7 @@ class LoginController extends Controller {
$parameters['canResetPassword'] = true;
$parameters['resetPasswordLink'] = $this->config->getSystemValue('lost_password_link', '');
if (!$parameters['resetPasswordLink']) {
- if (!is_null($user) && $user !== '') {
+ if ($user !== null && $user !== '') {
$userObj = $this->userManager->get($user);
if ($userObj instanceof IUser) {
$parameters['canResetPassword'] = $userObj->canChangePassword();
@@ -181,7 +187,7 @@ class LoginController extends Controller {
$parameters['rememberLoginState'] = !empty($remember_login) ? $remember_login : 0;
$parameters['hideRemeberLoginState'] = !empty($redirect_url) && $this->session->exists('client.flow.state.token');
- if (!is_null($user) && $user !== '') {
+ if ($user !== null && $user !== '') {
$parameters['loginName'] = $user;
$parameters['user_autofocus'] = false;
} else {
@@ -189,6 +195,8 @@ class LoginController extends Controller {
$parameters['user_autofocus'] = true;
}
+ $parameters['throttle_delay'] = $this->throttler->getDelay($this->request->getRemoteAddress());
+
// OpenGraph Support: http://ogp.me/
Util::addHeader('meta', ['property' => 'og:title', 'content' => Util::sanitizeHTML($this->defaults->getName())]);
Util::addHeader('meta', ['property' => 'og:description', 'content' => Util::sanitizeHTML($this->defaults->getSlogan())]);
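Review bot: `throttle_delay` is handed to the template without stating its unit or which address it was computed for, and both matter for a brute-force indicator. The template added in this commit compares the value with the literal `5000` and its message promises up to 30 seconds, so the unit is presumably milliseconds; a comment above the assignment such as `// Throttle delay (presumably ms) for the client address; login.php shows a warning above 5000` would tie the two together. The delay is keyed on `$this->request->getRemoteAddress()`, so it only means something if that call returns the real client address. Behind a reverse proxy that is not configured as trusted, every visitor would presumably share one address and see the warning as soon as any of them is throttled. The lookup also runs on every render of the unauthenticated login form, so it is worth confirming that it is cheap; the enclosing method starts and ends outside the hunk.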
diff --git a/core/templates/login.php b/core/templates/login.php
index de991e08d97..3452622907e 100644
--- a/core/templates/login.php
+++ b/core/templates/login.php
@@ -62,6 +62,12 @@ script('core', 'merged-login');
+ 5000) { ?>
+
+ t('We have detected multiple invalid login attempts from your ip. Because of this we throttle your connection. Login can take up to 30 seconds.')); ?>
+
+
+