1
Fork 0
mirror of https://github.com/jech/galene.git synced 2024-12-22 15:25:48 +01:00

Add delay after login failure.

This commit is contained in:
Juliusz Chroboczek 2020-12-02 00:07:31 +01:00
parent 2f6c710f29
commit b30d4fe537
3 changed files with 14 additions and 6 deletions

View file

@ -7,6 +7,7 @@ package group
import (
"encoding/json"
"errors"
"log"
"os"
"path"
@ -23,6 +24,8 @@ import (
var Directory string
var UseMDNS bool
var ErrNotAuthorised = errors.New("not authorised")
type UserError string
func (err UserError) Error() string {
@ -268,7 +271,7 @@ func Delete(name string) bool {
defer groups.mu.Unlock()
g := groups.groups[name]
if g == nil {
return false;
return false
}
g.mu.Lock()
@ -642,22 +645,22 @@ func (desc *description) GetPermission(group string, c Challengeable) (ClientPer
}
return p, nil
}
return p, UserError("not authorised")
return p, ErrNotAuthorised
}
if found, good := matchClient(group, c, desc.Presenter); found {
if good {
p.Present = true
return p, nil
}
return p, UserError("not authorised")
return p, ErrNotAuthorised
}
if found, good := matchClient(group, c, desc.Other); found {
if good {
return p, nil
}
return p, UserError("not authorised")
return p, ErrNotAuthorised
}
return p, UserError("not authorised")
return p, ErrNotAuthorised
}
type Public struct {

View file

@ -707,6 +707,9 @@ func StartClient(conn *websocket.Conn) (err error) {
if err != nil {
if os.IsNotExist(err) {
err = group.UserError("group does not exist")
} else if err == group.ErrNotAuthorised {
err = group.UserError("not authorised")
time.Sleep(200 * time.Millisecond)
}
return
}

View file

@ -559,8 +559,10 @@ func checkGroupPermissions(w http.ResponseWriter, r *http.Request, groupname str
}
p, err := desc.GetPermission(groupname, httpClient{user, pass})
if err != nil || !p.Record {
if err == group.ErrNotAuthorised {
time.Sleep(200 * time.Millisecond)
}
return false
}