authorYorhel <git@yorhel.nl>2014-08-29 10:54:36 +0200
committerYorhel <git@yorhel.nl>2014-08-29 10:54:36 +0200
commit9a1bd46a568094ff62cfc85bc488b116042718b8 (patch)
treee580afad4f318a1c5f4c98047beaa6796b3f14e3 /lib/VNDB/Handler/Users.pm
parentc27d4e6b509a655d81e36469bb881afc287596e8 (diff)
Throttle failed login attempts (10/day)
Diffstat (limited to 'lib/VNDB/Handler/Users.pm')
-rw-r--r--lib/VNDB/Handler/Users.pm21
1 files changed, 19 insertions, 2 deletions
diff --git a/lib/VNDB/Handler/Users.pm b/lib/VNDB/Handler/Users.pm
index eb7e03ab..78c4103d 100644
--- a/lib/VNDB/Handler/Users.pm
+++ b/lib/VNDB/Handler/Users.pm
@@ -140,6 +140,20 @@ sub login {
return $self->resRedirect('/') if $self->authInfo->{id};
+ my $tm = $self->dbThrottleGet($self->normIP);
+ if($tm-time() > $self->{login_throttle}[1]) {
+ $self->htmlHeader(title => mt '_login_title');
+ div class => 'mainbox';
+ h1 mt '_login_title';
+ div class => 'warning';
+ h2 mt '_login_throttle_title';
+ p; lit mt '_login_throttle_msg'; end;
+ end;
+ end 'div';
+ $self->htmlFooter;
+ return;
+ }
+
my $frm;
if($self->reqMethod eq 'POST') {
return if !$self->authCheckCode;
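Review bot: The throttle added at the top of `login` is keyed only on `$self->normIP`, so it bounds failures per source address rather than per account: failed logins against one username that arrive from many addresses are never slowed, while users behind one shared address spend a common budget. Consider also charging a second throttle entry keyed on the submitted username in the POST branch, which is in the later hunk. The two config slots are undocumented; a comment above the check such as `# login_throttle: [0] = seconds added per failed login, [1] = accumulated seconds above which login is refused` would state what the comparison relies on. `dbThrottleGet` is not shown, so this assumes it returns a value no earlier than the current time when no entry exists. The body of `login` continues outside the hunk.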
@@ -150,8 +164,11 @@ sub login {
(my $ref = $self->reqHeader('Referer')||'/') =~ s/^\Q$self->{url}//;
$ref = '/' if $ref =~ /^\/u\//;
- return if !$frm->{_err} && $self->authLogin($frm->{usrname}, $frm->{usrpass}, $ref);
- $frm->{_err} = [ 'login_failed' ] if !$frm->{_err};
+ if(!$frm->{_err}) {
+ return if $self->authLogin($frm->{usrname}, $frm->{usrpass}, $ref);
+ $frm->{_err} = [ 'login_failed' ];
+ $self->dbThrottleSet($self->normIP, $tm+$self->{login_throttle}[0]);
+ }
}
$self->htmlHeader(noindex => 1, title => mt '_login_title');
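Review bot: The write `$self->dbThrottleSet($self->normIP, $tm+$self->{login_throttle}[0])` uses the `$tm` that was read at the top of `login`, before the password check, so failed requests that are in flight at the same time from one address all read the same value and store the same result, and a parallel burst is charged as a single failure. Re-reading just before the write narrows the window: `$self->dbThrottleSet($self->normIP, $self->dbThrottleGet($self->normIP)+$self->{login_throttle}[0]);`. Closing it fully needs the addition done inside the storage layer as one statement; `dbThrottleSet` is not visible here, so whether it can do that is unconfirmed. `login` starts and ends outside this hunk.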