Expose WebUI ban counter to users

src/webui/api/authcontroller.cpp

@@ -38,7 +38,6 @@
 #include "isessionmanager.h"
 
 constexpr int BAN_TIME = 3600000; // 1 hour
-constexpr int MAX_AUTH_FAILED_ATTEMPTS = 5;
 
 void AuthController::loginAction()
 {
@@ -74,7 +73,8 @@ void AuthController::loginAction()
         LogMsg(tr("WebAPI login success. IP: %1").arg(clientAddr));
     }
     else {
-        increaseFailedAttempts();
+        if (Preferences::instance()->getWebUIMaxAuthFailCount() > 0)
+            increaseFailedAttempts();
         setResult(QLatin1String("Fails."));
         LogMsg(tr("WebAPI login failure. Reason: invalid credentials, attempt count: %1, IP: %2, username: %3")
                 .arg(QString::number(failedAttemptsCount()), clientAddr, usernameFromWeb)
@@ -82,7 +82,7 @@ void AuthController::loginAction()
     }
 }
 
-void AuthController::logoutAction()
+void AuthController::logoutAction() const
 {
     sessionManager()->sessionEnd();
 }
@@ -108,10 +108,12 @@ int AuthController::failedAttemptsCount() const
 
 void AuthController::increaseFailedAttempts()
 {
+    Q_ASSERT(Preferences::instance()->getWebUIMaxAuthFailCount() > 0);
+
     FailedLogin &failedLogin = m_clientFailedLogins[sessionManager()->clientId()];
     ++failedLogin.failedAttemptsCount;
 
-    if (failedLogin.failedAttemptsCount == MAX_AUTH_FAILED_ATTEMPTS) {
+    if (failedLogin.failedAttemptsCount >= Preferences::instance()->getWebUIMaxAuthFailCount()) {
         // Max number of failed attempts reached
         // Start ban period
         failedLogin.bannedAt = QDateTime::currentMSecsSinceEpoch() / 1000;