1
Fork 0
mirror of https://github.com/jech/galene.git synced 2024-11-12 19:55:59 +01:00

Add delay after login failure.

This commit is contained in:
Juliusz Chroboczek 2020-12-02 00:07:31 +01:00
parent 2f6c710f29
commit b30d4fe537
3 changed files with 14 additions and 6 deletions

View file

@ -7,6 +7,7 @@ package group
import ( import (
"encoding/json" "encoding/json"
"errors"
"log" "log"
"os" "os"
"path" "path"
@ -23,6 +24,8 @@ import (
var Directory string var Directory string
var UseMDNS bool var UseMDNS bool
var ErrNotAuthorised = errors.New("not authorised")
type UserError string type UserError string
func (err UserError) Error() string { func (err UserError) Error() string {
@ -268,7 +271,7 @@ func Delete(name string) bool {
defer groups.mu.Unlock() defer groups.mu.Unlock()
g := groups.groups[name] g := groups.groups[name]
if g == nil { if g == nil {
return false; return false
} }
g.mu.Lock() g.mu.Lock()
@ -642,22 +645,22 @@ func (desc *description) GetPermission(group string, c Challengeable) (ClientPer
} }
return p, nil return p, nil
} }
return p, UserError("not authorised") return p, ErrNotAuthorised
} }
if found, good := matchClient(group, c, desc.Presenter); found { if found, good := matchClient(group, c, desc.Presenter); found {
if good { if good {
p.Present = true p.Present = true
return p, nil return p, nil
} }
return p, UserError("not authorised") return p, ErrNotAuthorised
} }
if found, good := matchClient(group, c, desc.Other); found { if found, good := matchClient(group, c, desc.Other); found {
if good { if good {
return p, nil return p, nil
} }
return p, UserError("not authorised") return p, ErrNotAuthorised
} }
return p, UserError("not authorised") return p, ErrNotAuthorised
} }
type Public struct { type Public struct {

View file

@ -707,6 +707,9 @@ func StartClient(conn *websocket.Conn) (err error) {
if err != nil { if err != nil {
if os.IsNotExist(err) { if os.IsNotExist(err) {
err = group.UserError("group does not exist") err = group.UserError("group does not exist")
} else if err == group.ErrNotAuthorised {
err = group.UserError("not authorised")
time.Sleep(200 * time.Millisecond)
} }
return return
} }

View file

@ -559,8 +559,10 @@ func checkGroupPermissions(w http.ResponseWriter, r *http.Request, groupname str
} }
p, err := desc.GetPermission(groupname, httpClient{user, pass}) p, err := desc.GetPermission(groupname, httpClient{user, pass})
if err != nil || !p.Record { if err != nil || !p.Record {
if err == group.ErrNotAuthorised {
time.Sleep(200 * time.Millisecond)
}
return false return false
} }