mealie

Cutlery/mealie

Fork 0

mirror of https://github.com/mealie-recipes/mealie.git synced 2025-08-11 09:14:16 -04:00

Commit Graph

Author	SHA1	Message	Date
Matthew Hill	4bd7bda60d	fix: Fix bugs with account locking (#2580 ) * fix(security): reset login attempts after successful login Enforce a maximum number of consecutive failed logins. Successfully logging in should reset the count. #2569 * fix(security): fix when user is unlocked The user should be unlocked when locked_at is set, but the lock has expired. #2569	2023-09-29 15:58:00 -08:00
Hayden	b3c41a4bd0	security: implement user lockout (#1552 ) * add data-types required for login security * implement user lockout checking at login * cleanup legacy patterns * expose passwords in test_user * test user lockout after bad attempts * test user service * bump alembic version * save increment to database * add locked_at to datetime transformer on import * do proper test cleanup * implement scheduled task * spelling * document env variables * implement context manager for session * use context manager * implement reset script * cleanup generator * run generator * implement API endpoint for resetting locked users * add button to reset all locked users * add info when account is locked * use ignore instead of expect-error	2022-08-13 13:18:12 -08:00

Author

SHA1

Message

Date

Matthew Hill

4bd7bda60d

fix: Fix bugs with account locking (#2580 )

* fix(security): reset login attempts after successful login

Enforce a maximum number of consecutive failed logins. Successfully logging in should reset the
count.

#2569

* fix(security): fix when user is unlocked

The user should be unlocked when locked_at is set, but the lock has expired.

#2569

2023-09-29 15:58:00 -08:00

Hayden

b3c41a4bd0

security: implement user lockout (#1552 )

* add data-types required for login security

* implement user lockout checking at login

* cleanup legacy patterns

* expose passwords in test_user

* test user lockout after bad attempts

* test user service

* bump alembic version

* save increment to database

* add locked_at to datetime transformer on import

* do proper test cleanup

* implement scheduled task

* spelling

* document env variables

* implement context manager for session

* use context manager

* implement reset script

* cleanup generator

* run generator

* implement API endpoint for resetting locked users

* add button to reset all locked users

* add info when account is locked

* use ignore instead of expect-error

2022-08-13 13:18:12 -08:00

2 Commits