Sha256: bcf6d0a76c0d9ac210402c6eb1142804f7a5de5b92d377da3c06d6000be153ca

Contents

require 'authenticate/callbacks/brute_force'

module Authenticate
  module Model


    # Protect from brute force attacks. Lock accounts that have too many failed consecutive logins.
    # Todo: email user to allow unlocking via a token.
    #
    # = Columns
    #
    # * failed_logins_count - each consecutive failed login increments this counter. Set back to 0 on successful login.
    # * lock_expires_at - datetime a locked account will again become available.
    #
    # = Configuration
    #
    # * max_consecutive_bad_logins_allowed - how many failed logins are allowed?
    # * bad_login_lockout_period - how long is the user locked out? nil indicates forever.
    #
    # = Methods
    #
    # The following methods are added to your user model:
    # * register_failed_login! - increment failed_logins_count, lock account if in violation
    # * lock! - lock the account, setting the lock_expires_at attribute
    # * unlock! - reset failed_logins_count to 0, lock_expires_at to nil
    # * locked? - is the account locked? @return[Boolean]
    # * unlocked? - is the account unlocked? @return[Boolean]
    #
    module BruteForce
      extend ActiveSupport::Concern

      def self.required_fields(klass)
        [:failed_logins_count, :lock_expires_at]
      end

      # Increment the failed login counter. Lock the account once the configured
      # threshold is reached; otherwise persist the new count so it survives the request.
      def register_failed_login!
        self.failed_logins_count ||= 0
        self.failed_logins_count += 1
        if self.failed_logins_count >= max_bad_logins
          lock!
        else
          save(validate: false)
        end
      end

      # Lock the account. A nil bad_login_lockout_period means "locked until unlock!
      # is called"; Time + nil would raise, so a far-future expiry is stored instead.
      # update_attribute saves the record, so the incremented counter is persisted too.
      def lock!
        expires_at = lockout_period.nil? ? Time.utc(9999, 12, 31) : Time.now.utc + lockout_period
        self.update_attribute(:lock_expires_at, expires_at)
      end

      def unlock!
        self.update_attributes({failed_logins_count: 0, lock_expires_at: nil})
      end

      def locked?
        !unlocked?
      end

      # An account is unlocked when it was never locked or its lockout period has elapsed.
      def unlocked?
        self.lock_expires_at.nil? || self.lock_expires_at <= Time.now.utc
      end

      private

      def max_bad_logins
        Authenticate.configuration.max_consecutive_bad_logins_allowed
      end

      def lockout_period
        Authenticate.configuration.bad_login_lockout_period
      end
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
authenticate-0.2.0 lib/authenticate/model/brute_force.rb