Skip to content

[NEW] Add ability to block failed login attempts by user and IP #17783

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rodrigok merged 14 commits into from
Jun 20, 2020
Merged

[NEW] Add ability to block failed login attempts by user and IP #17783

rodrigok merged 14 commits into from
Jun 20, 2020

Conversation

@MarcosSpessatto
Copy link
Contributor

@MarcosSpessatto MarcosSpessatto commented May 29, 2020
edited
Loading

Proposed changes

This PR provides the admin the ability to block failed attempts by IP or/and user.

Issue(s)

Closes #2737
Closes #2885
Closes #13387

How to test or reproduce

Screenshots

Types of changes

  • Bugfix (non-breaking change which fixes an issue)
  • Improvement (non-breaking change which improves a current function)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Hotfix (a major bugfix that has to be merged asap)
  • Documentation Update (if none of the other choices apply)

Checklist

  • I have read the CONTRIBUTING doc
  • I have signed the CLA
  • Lint and unit tests pass locally with my changes
  • I have added tests that prove my fix is effective or that my feature works (if applicable)
  • I have added necessary documentation (if applicable)
  • Any dependent changes have been merged and published in downstream modules

Changelog

Further comments

@MarcosSpessatto MarcosSpessatto added this to the 3.4.0 milestone May 29, 2020
@rodrigok
Copy link
Member

rodrigok commented May 29, 2020

Should incorporate the log on logs from here #13387

@rodrigok
Copy link
Member

rodrigok commented May 29, 2020

Need to review the GDPR compliance here

@MarcosSpessatto MarcosSpessatto requested a review from rodrigok June 1, 2020 18:15
sampaiodiego
sampaiodiego requested changes Jun 15, 2020
View reviewed changes
rodrigok
rodrigok requested changes Jun 15, 2020
View reviewed changes
sampaiodiego
sampaiodiego requested changes Jun 16, 2020
View reviewed changes
sampaiodiego
sampaiodiego previously requested changes Jun 17, 2020
View reviewed changes
@rodrigok rodrigok self-assigned this Jun 20, 2020
@rodrigok rodrigok merged commit 0aada15 into develop Jun 20, 2020
@rodrigok rodrigok deleted the feat/block-failed-login-attempts branch June 20, 2020 18:54
@sampaiodiego sampaiodiego mentioned this pull request Jun 30, 2020
Merged
@ankar84 ankar84 mentioned this pull request Sep 17, 2020
Open
@MJPGPleasant MJPGPleasant mentioned this pull request Jan 6, 2021
Open
@Nowa-Ammerlaan
Copy link

Nowa-Ammerlaan commented Apr 10, 2021
edited
Loading

Enabling the username based login-failure block effectively prevents new users from registering: #21523

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rodrigok rodrigok rodrigok approved these changes

@sampaiodiego sampaiodiego sampaiodiego left review comments

Assignees

@rodrigok rodrigok

Labels

None yet

Projects

None yet

Milestone

3.4.0

Development

Successfully merging this pull request may close these issues.

Store users IPs and ability to ban IPs Limit Number of Failed Login Attempts

5 participants

@MarcosSpessatto @rodrigok @Nowa-Ammerlaan @sampaiodiego