1
0
mirror of https://github.com/dkmstr/openuds.git synced 2024-12-25 23:21:41 +03:00

added config to actor block attacks

This commit is contained in:
Adolfo Gómez García 2021-03-12 15:10:39 +01:00
parent 868ff2817a
commit 52d3ffeac3
3 changed files with 11 additions and 5 deletions

View File

@ -69,6 +69,8 @@ class BlockAccess(Exception):
def checkBlockedIp(ip: str) -> None:
if GlobalConfig.BLOCK_ACTOR_FAILURES.getBool() is False:
return
cache = Cache('actorv3')
fails = cache.get(ip) or 0
if fails > ALLOWED_FAILS:

View File

@ -315,6 +315,9 @@ class GlobalConfig:
# If we use new logout mechanics
EXCLUSIVE_LOGOUT: Config.Value = Config.section(SECURITY_SECTION).value('Exclusive Logout', '0', type=Config.BOOLEAN_FIELD)
# Enable/Disable Actor attack block
BLOCK_ACTOR_FAILURES: Config.Value = Config.section(SECURITY_SECTION).value('Block actor failures', '1', type=Config.BOOLEAN_FIELD)
RELOAD_TIME: Config.Value = Config.section(GLOBAL_SECTION).value('Page reload Time', '300', type=Config.NUMERIC_FIELD)
LIMITED_BY_CALENDAR_TEXT: Config.Value = Config.section(GLOBAL_SECTION).value('Calendar access denied text', '', type=Config.TEXT_FIELD) # Defaults to Nothing

View File

@ -35,15 +35,16 @@ import typing
from django.shortcuts import render
from django.http import HttpRequest, HttpResponse, JsonResponse, HttpResponseRedirect
from django.urls import reverse
from uds.web.util import errors
from uds.core.util.request import ExtendedHttpRequest, ExtendedHttpRequestWithUser
from uds.core.auths import auth
from uds.web.util import errors
from uds.web.forms.LoginForm import LoginForm
from uds.web.util.authentication import checkLogin
from uds.web.util.services import getServicesData
from uds.web.util import configjs
logger = logging.getLogger(__name__)
@ -66,7 +67,7 @@ def ticketLauncher(request: HttpRequest) -> HttpResponse:
# Basically, the original /login method, but fixed for modern interface
def login(request: HttpRequest, tag: typing.Optional[str] = None) -> HttpResponse:
def login(request: ExtendedHttpRequest, tag: typing.Optional[str] = None) -> HttpResponse:
# Default empty form
logger.debug('Tag: %s', tag)
if request.method == 'POST':
@ -97,7 +98,7 @@ def login(request: HttpRequest, tag: typing.Optional[str] = None) -> HttpRespons
@auth.webLoginRequired(admin=False)
def logout(request: HttpRequest) -> HttpResponse:
def logout(request: ExtendedHttpRequestWithUser) -> HttpResponse:
auth.authLogLogout(request)
request.session['restricted'] = False # Remove restricted
logoutUrl = request.user.logout()
@ -111,5 +112,5 @@ def js(request: HttpRequest) -> HttpResponse:
@auth.denyNonAuthenticated
def servicesData(request: HttpRequest) -> HttpResponse:
def servicesData(request: ExtendedHttpRequestWithUser) -> HttpResponse:
return JsonResponse(getServicesData(request))