Expose WebUI ban counter to users

Chocobo1
2020-02-12 18:51:38 +08:00
parent 316f34cbf5
commit f88d6b2e55
8 changed files with 67 additions and 5 deletions


@@ -232,6 +232,7 @@ void AppController::preferencesAction()
for (const Utils::Net::Subnet &subnet : asConst(pref->getWebUiAuthSubnetWhitelist()))
authSubnetWhitelistStringList << Utils::Net::subnetToString(subnet);
data["bypass_auth_subnet_whitelist"] = authSubnetWhitelistStringList.join("\n");
data["web_ui_max_auth_fail_count"] = pref->getWebUIMaxAuthFailCount();
data["web_ui_session_timeout"] = pref->getWebUISessionTimeout();
// Use alternative Web UI
data["alternative_webui_enabled"] = pref->isAltWebUiEnabled();
@@ -601,6 +602,8 @@ void AppController::setPreferencesAction()
// recognize new lines and commas as delimiters
pref->setWebUiAuthSubnetWhitelist(it.value().toString().split(QRegularExpression("\n|,"), QString::SkipEmptyParts));
}
if (hasKey("web_ui_max_auth_fail_count"))
pref->setWebUIMaxAuthFailCount(it.value().toInt());
if (hasKey("web_ui_session_timeout"))
pref->setWebUISessionTimeout(it.value().toInt());
// Use alternative Web UI
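Review bot: `pref->setWebUIMaxAuthFailCount(it.value().toInt())` in `setPreferencesAction()` stores the request value unchecked. `toInt()` yields 0 for a value that does not parse, and 0 is the value for which `loginAction()` stops counting failures, so a malformed `web_ui_max_auth_fail_count` field would switch the ban off. Unless the setter already validates (it is not visible here), parse with the `ok` flag and ignore bad input: `bool ok = false; const int count = it.value().toInt(&ok); if (ok && (count >= 0)) pref->setWebUIMaxAuthFailCount(count);`. A comment next to the key stating that 0 disables banning would also help. The function body continues outside the hunk.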


@@ -38,7 +38,6 @@
#include "isessionmanager.h"
constexpr int BAN_TIME = 3600000; // 1 hour
constexpr int MAX_AUTH_FAILED_ATTEMPTS = 5;
void AuthController::loginAction()
{
@@ -74,7 +73,8 @@ void AuthController::loginAction()
LogMsg(tr("WebAPI login success. IP: %1").arg(clientAddr));
}
else {
increaseFailedAttempts();
if (Preferences::instance()->getWebUIMaxAuthFailCount() > 0)
increaseFailedAttempts();
setResult(QLatin1String("Fails."));
LogMsg(tr("WebAPI login failure. Reason: invalid credentials, attempt count: %1, IP: %2, username: %3")
.arg(QString::number(failedAttemptsCount()), clientAddr, usernameFromWeb)
@@ -82,7 +82,7 @@ void AuthController::loginAction()
}
}
void AuthController::logoutAction()
void AuthController::logoutAction() const
{
sessionManager()->sessionEnd();
}
@@ -108,10 +108,12 @@ int AuthController::failedAttemptsCount() const
void AuthController::increaseFailedAttempts()
{
Q_ASSERT(Preferences::instance()->getWebUIMaxAuthFailCount() > 0);
FailedLogin &failedLogin = m_clientFailedLogins[sessionManager()->clientId()];
++failedLogin.failedAttemptsCount;
if (failedLogin.failedAttemptsCount == MAX_AUTH_FAILED_ATTEMPTS) {
if (failedLogin.failedAttemptsCount >= Preferences::instance()->getWebUIMaxAuthFailCount()) {
// Max number of failed attempts reached
// Start ban period
failedLogin.bannedAt = QDateTime::currentMSecsSinceEpoch() / 1000;
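Review bot: In the failure branch of `loginAction()`, `increaseFailedAttempts()` is now skipped when `getWebUIMaxAuthFailCount()` is not positive. With the limit at 0, the `attempt count: %1` field of the failure log presumably stops advancing, and nothing in the log says banning is off. Anyone relying on that log to spot password guessing loses the counter exactly when the built-in ban is disabled. Consider always counting and gating only the ban inside `increaseFailedAttempts()`, e.g. `const int maxCount = Preferences::instance()->getWebUIMaxAuthFailCount();` followed by `if ((maxCount > 0) && (failedLogin.failedAttemptsCount >= maxCount)) {`. That also removes the need for the `Q_ASSERT`, which is compiled out of release builds. Both functions extend beyond the visible hunks.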


@@ -44,7 +44,7 @@ public:
private slots:
void loginAction();
void logoutAction();
void logoutAction() const;
private:
bool isBanned() const;