saltyming/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-07-27 22:29:10 +00:00
Code Activity

Basic ratelimit for user login (including 2FA) and admin login

Browse source
This commit is contained in:
Daniel García 2021-12-22 21:48:49 +01:00
commit 5529264c3f
No known key found for this signature in database
GPG key ID: FC8A7D14C3CD543A
7 changed files with 134 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/api/admin.rs
View file

@ -166,6 +166,10 @@ fn post_admin_login(
) -> Result<Redirect, Flash<Redirect>> {
let data = data.into_inner();
if crate::ratelimit::check_limit_admin(&ip.ip).is_err() {
return Err(Flash::error(Redirect::to(admin_url(referer)), "Too many requests, try again later."));
}
// If the token is invalid, redirect to login page
if !_validate_token(&data.token) {
error!("Invalid admin token. IP: {}", ip.ip);

3
src/api/identity.rs
View file

@ -84,6 +84,9 @@ fn _password_login(data: ConnectData, conn: DbConn, ip: &ClientIp) -> JsonResult
err!("Scope not supported")
}
// Ratelimit the login
crate::ratelimit::check_limit_login(&ip.ip)?;
// Get the user
let username = data.username.as_ref().unwrap();
let user = match User::find_by_mail(username, &conn) {