mirror of
https://github.com/jech/galene.git
synced 2024-11-22 08:35:57 +01:00
Add delay after login failure.
This commit is contained in:
parent
2f6c710f29
commit
b30d4fe537
3 changed files with 14 additions and 6 deletions
|
@ -7,6 +7,7 @@ package group
|
|||
|
||||
import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"log"
|
||||
"os"
|
||||
"path"
|
||||
|
@ -23,6 +24,8 @@ import (
|
|||
var Directory string
|
||||
var UseMDNS bool
|
||||
|
||||
var ErrNotAuthorised = errors.New("not authorised")
|
||||
|
||||
type UserError string
|
||||
|
||||
func (err UserError) Error() string {
|
||||
|
@ -268,7 +271,7 @@ func Delete(name string) bool {
|
|||
defer groups.mu.Unlock()
|
||||
g := groups.groups[name]
|
||||
if g == nil {
|
||||
return false;
|
||||
return false
|
||||
}
|
||||
|
||||
g.mu.Lock()
|
||||
|
@ -642,22 +645,22 @@ func (desc *description) GetPermission(group string, c Challengeable) (ClientPer
|
|||
}
|
||||
return p, nil
|
||||
}
|
||||
return p, UserError("not authorised")
|
||||
return p, ErrNotAuthorised
|
||||
}
|
||||
if found, good := matchClient(group, c, desc.Presenter); found {
|
||||
if good {
|
||||
p.Present = true
|
||||
return p, nil
|
||||
}
|
||||
return p, UserError("not authorised")
|
||||
return p, ErrNotAuthorised
|
||||
}
|
||||
if found, good := matchClient(group, c, desc.Other); found {
|
||||
if good {
|
||||
return p, nil
|
||||
}
|
||||
return p, UserError("not authorised")
|
||||
return p, ErrNotAuthorised
|
||||
}
|
||||
return p, UserError("not authorised")
|
||||
return p, ErrNotAuthorised
|
||||
}
|
||||
|
||||
type Public struct {
|
||||
|
|
|
@ -707,6 +707,9 @@ func StartClient(conn *websocket.Conn) (err error) {
|
|||
if err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
err = group.UserError("group does not exist")
|
||||
} else if err == group.ErrNotAuthorised {
|
||||
err = group.UserError("not authorised")
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
|
|
@ -559,8 +559,10 @@ func checkGroupPermissions(w http.ResponseWriter, r *http.Request, groupname str
|
|||
}
|
||||
|
||||
p, err := desc.GetPermission(groupname, httpClient{user, pass})
|
||||
|
||||
if err != nil || !p.Record {
|
||||
if err == group.ErrNotAuthorised {
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue