mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-12-22 04:53:17 +00:00
Update login form, allow admins to enable captcha after X failed attempts. Admins can set the number of attempts before captcha is shown, default is 2 attempts before captcha is required
This commit is contained in:
parent
f9eb99c897
commit
221ddce0fa
3 changed files with 55 additions and 6 deletions
|
@ -7,6 +7,8 @@ use App\Http\Controllers\Controller;
|
|||
use App\User;
|
||||
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
||||
use App\Services\BouncerService;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Validation\ValidationException;
|
||||
|
||||
class LoginController extends Controller
|
||||
{
|
||||
|
@ -70,8 +72,16 @@ class LoginController extends Controller
|
|||
'password' => 'required|string|min:6',
|
||||
];
|
||||
|
||||
if(config('captcha.enabled') || config('captcha.active.login')) {
|
||||
$rules['h-captcha-response'] = 'required|captcha';
|
||||
if(
|
||||
config('captcha.enabled') ||
|
||||
config('captcha.active.login') ||
|
||||
(
|
||||
config('captcha.triggers.login.enabled') &&
|
||||
request()->session()->has('login_attempts') &&
|
||||
request()->session()->get('login_attempts') >= config('captcha.triggers.login.attempts')
|
||||
)
|
||||
) {
|
||||
$rules['h-captcha-response'] = 'required|filled|captcha|min:5';
|
||||
}
|
||||
|
||||
$this->validate($request, $rules);
|
||||
|
@ -102,4 +112,28 @@ class LoginController extends Controller
|
|||
$log->user_agent = $request->userAgent();
|
||||
$log->save();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the failed login response instance.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Symfony\Component\HttpFoundation\Response
|
||||
*
|
||||
* @throws \Illuminate\Validation\ValidationException
|
||||
*/
|
||||
protected function sendFailedLoginResponse(Request $request)
|
||||
{
|
||||
if(config('captcha.triggers.login.enabled')) {
|
||||
if ($request->session()->has('login_attempts')) {
|
||||
$ct = $request->session()->get('login_attempts');
|
||||
$request->session()->put('login_attempts', $ct + 1);
|
||||
} else {
|
||||
$request->session()->put('login_attempts', 1);
|
||||
}
|
||||
}
|
||||
|
||||
throw ValidationException::withMessages([
|
||||
$this->username() => [trans('auth.failed')],
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -16,5 +16,12 @@ return [
|
|||
'active' => [
|
||||
'login' => env('CAPTCHA_ENABLED_ON_LOGIN', false),
|
||||
'register' => env('CAPTCHA_ENABLED_ON_REGISTER', false)
|
||||
],
|
||||
|
||||
'triggers' => [
|
||||
'login' => [
|
||||
'enabled' => env('CAPTCHA_TRIGGERS_LOGIN_ENABLED', false),
|
||||
'attempts' => env('CAPTCHA_TRIGGERS_LOGIN_ATTEMPTS', 2)
|
||||
]
|
||||
]
|
||||
];
|
||||
|
|
|
@ -50,10 +50,18 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
@if(config('captcha.enabled') || config('captcha.active.login'))
|
||||
<div class="d-flex justify-content-center mb-3">
|
||||
{!! Captcha::display() !!}
|
||||
</div>
|
||||
@if(
|
||||
config('captcha.enabled') ||
|
||||
config('captcha.active.login') ||
|
||||
(
|
||||
config('captcha.triggers.login.enabled') &&
|
||||
request()->session()->has('login_attempts') &&
|
||||
request()->session()->get('login_attempts') >= config('captcha.triggers.login.attempts')
|
||||
)
|
||||
)
|
||||
<div class="d-flex justify-content-center mb-3">
|
||||
{!! Captcha::display() !!}
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<div class="form-group row mb-0">
|
||||
|
|
Loading…
Reference in a new issue