limit to 5 attempts on code verification
This commit is contained in:
parent
d6336ee87e
commit
b49ded7ccd
|
@ -98,6 +98,7 @@ app.post("/login/step/instance", async (req, res) => {
|
||||||
prompt: "USERNAME", // change this if oidc is available
|
prompt: "USERNAME", // change this if oidc is available
|
||||||
instance: domain,
|
instance: domain,
|
||||||
method: deliveryProvider ? "SEND_CODE" : "RECV_CODE",
|
method: deliveryProvider ? "SEND_CODE" : "RECV_CODE",
|
||||||
|
attempt: 0,
|
||||||
};
|
};
|
||||||
|
|
||||||
// const oidcSupport = await doesInstanceSupportOIDC(domain);
|
// const oidcSupport = await doesInstanceSupportOIDC(domain);
|
||||||
|
@ -238,6 +239,13 @@ app.post("/login/step/verify", async (req, res) => {
|
||||||
|
|
||||||
const { session_id, username, instance } = req.session.login;
|
const { session_id, username, instance } = req.session.login;
|
||||||
|
|
||||||
|
if (req.session.login.attempt > 5) {
|
||||||
|
req.session.destroy(() => {
|
||||||
|
res.status(400).json({ success: false, error: "too_many_attempts" });
|
||||||
|
});
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
const session = await prisma.authSession.findFirst({
|
const session = await prisma.authSession.findFirst({
|
||||||
where: {
|
where: {
|
||||||
id: session_id,
|
id: session_id,
|
||||||
|
@ -266,7 +274,11 @@ app.post("/login/step/verify", async (req, res) => {
|
||||||
code = req.body.code;
|
code = req.body.code;
|
||||||
|
|
||||||
if (session.one_time_code !== code) {
|
if (session.one_time_code !== code) {
|
||||||
return res.status(400).json({ success: false, error: "code_invalid" });
|
req.session.login.attempt++;
|
||||||
|
req.session.save(() => {
|
||||||
|
res.status(400).json({ success: false, error: "code_invalid" });
|
||||||
|
});
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
req.session.user = { sub: session.user_sub };
|
req.session.user = { sub: session.user_sub };
|
||||||
|
@ -290,7 +302,12 @@ app.post("/login/step/verify", async (req, res) => {
|
||||||
res.json({ success: true });
|
res.json({ success: true });
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
|
if (req.session.login) {
|
||||||
|
req.session.login.attempt++;
|
||||||
|
}
|
||||||
|
req.session.save(() => {
|
||||||
res.status(400).json({ success: false, error: data.error });
|
res.status(400).json({ success: false, error: data.error });
|
||||||
|
});
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
break;
|
break;
|
||||||
|
|
|
@ -15,6 +15,7 @@ declare module "express-session" {
|
||||||
method: "SEND_CODE" | "RECV_CODE"; // what delivery to attempt
|
method: "SEND_CODE" | "RECV_CODE"; // what delivery to attempt
|
||||||
username?: string;
|
username?: string;
|
||||||
session_id?: string;
|
session_id?: string;
|
||||||
|
attempt: number;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue