chg: [api] add bruteforce protection

This commit is contained in:
Terrtia 2019-08-06 10:22:09 +02:00
parent fa133ce12c
commit 88592dae57
No known key found for this signature in database
GPG key ID: 1E1B1F50D84613D0


@ -96,6 +96,15 @@ def authErrors(user_role):
data = None data = None
# verify token format # verify token format
# brute force protection
current_ip = request.remote_addr
login_failed_ip = r_cache.get('failed_login_ip_api:{}'.format(current_ip))
# brute force by ip
if login_failed_ip:
login_failed_ip = int(login_failed_ip)
if login_failed_ip >= 5:
return ({'status': 'error', 'reason': 'Max Connection Attempts reached, Please wait {}s'.format(r_cache.ttl('failed_login_ip_api:{}'.format(current_ip)))}, 401)
try: try:
authenticated = False authenticated = False
if verify_token(token): if verify_token(token):
@ -106,6 +115,8 @@ def authErrors(user_role):
data = ({'status': 'error', 'reason': 'Access Forbidden'}, 403) data = ({'status': 'error', 'reason': 'Access Forbidden'}, 403)
if not authenticated: if not authenticated:
r_cache.incr('failed_login_ip_api:{}'.format(current_ip))
r_cache.expire('failed_login_ip_api:{}'.format(current_ip), 300)
data = ({'status': 'error', 'reason': 'Authentication failed'}, 401) data = ({'status': 'error', 'reason': 'Authentication failed'}, 401)
except Exception as e: except Exception as e:
print(e) print(e)
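Review bot: The `r_cache.incr` followed by a separate `r_cache.expire` on the two added lines of the second hunk is not atomic: if the process dies or the Redis connection drops between the two calls, the counter key is left with no TTL and that address stays locked out indefinitely once it reaches 5, and because `expire` runs on every failure the 300 s window also slides forward with each attempt. A pipeline fixes the first problem and keeps the intent, `with r_cache.pipeline() as p: p.incr(key); p.expire(key, 300); p.execute()`, or set the expiry only when `incr` returns 1 for a fixed window. Separately, `request.remote_addr` in the first hunk is the TCP peer address; if this API is deployed behind a reverse proxy every client shares the proxy's address and five failures from anyone lock out the whole API, so a note such as `# remote_addr must be the real client IP; behind a proxy this needs ProxyFix / trusted X-Forwarded-For handling` would flag the deployment assumption. It also looks like a `verify_token` that raises on a malformed token would take the `except` path and never increment the counter, which would let malformed probes bypass the limit — worth confirming against verify_token. The body of authErrors continues past the end of this hunk.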