Append all BruteForce parameters into Manager (#2646)

doc/sources/admin/bruteforceprotection.rst

@@ -34,6 +34,8 @@ set to ``On``.
    -  **Allowed failed login**: Number of failed login attempts allowed before account is locked
    -  **Incremental lock**: Enable/disable incremental lock times
    -  **Incremental lock times**: List of comma separated lock time values in seconds
+   -  **Maximum lock time**: Lock time values can not be higher than max lock time
+   -  **Maximum age**: Delta between current and last stored failed login 
 
 
 Incremental lock time enabled
@@ -70,17 +72,8 @@ Lock time increases between each failed login attempt after allowed failed login
 Incremental lock time disabled
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-After allowed failed login attempts, user must
+After allowed failed login attempts, user must wait
-wait the lock time before trying to log in again.
+the lock time before trying to log in again.
-To modify delta (MaxAge) between current and last stored
-failed login (300 seconds by default) edit ``lemonldap-ng.ini`` in [portal] section:
-
-.. code-block:: ini
-
-   [portal]
-   bruteForceProtectionTempo = 30
-   bruteForceProtectionMaxAge = 300
-   bruteForceProtectionMaxFailed = 3
 
 
 .. attention::

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm

@@ -1078,6 +1078,8 @@ sub tree {
                                         'bruteForceProtectionMaxFailed',
                                         'bruteForceProtectionIncrementalTempo',
                                         'bruteForceProtectionLockTimes',
+                                        'bruteForceProtectionMaxLockTime',
+                                        'bruteForceProtectionMaxAge'
                                     ]
                                 },
                                 'lwpOpts',

lemonldap-ng-manager/site/htdocs/static/languages/ar.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"تفعيل",
 "bruteForceProtectionIncrementalTempo":"Incremental lock",
 "bruteForceProtectionLockTimes":"Incremental lock times",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"Allowed failed logins",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"Lock time",
 "cancel":"إلغاء",
 "captcha_login_enabled":"التفعيل في استمارة تسجيل الدخول",

lemonldap-ng-manager/site/htdocs/static/languages/de.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"Activation",
 "bruteForceProtectionIncrementalTempo":"Incremental lock",
 "bruteForceProtectionLockTimes":"Incremental lock times",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"Allowed failed logins",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"Lock time",
 "cancel":"Abbrechen",
 "captcha_login_enabled":"Activation in login form",

lemonldap-ng-manager/site/htdocs/static/languages/en.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"Activation",
 "bruteForceProtectionIncrementalTempo":"Incremental lock",
 "bruteForceProtectionLockTimes":"Incremental lock times",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"Allowed failed logins",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"Lock time",
 "cancel":"Cancel",
 "captcha_login_enabled":"Activation in login form",

lemonldap-ng-manager/site/htdocs/static/languages/es.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"Activación",
 "bruteForceProtectionIncrementalTempo":"Incremental lock",
 "bruteForceProtectionLockTimes":"Incremental lock times",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"Allowed failed logins",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"Lock time",
 "cancel":"Cancelar",
 "captcha_login_enabled":"Activación en formulario de acceso",

lemonldap-ng-manager/site/htdocs/static/languages/fr.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"Activation",
 "bruteForceProtectionIncrementalTempo":"Verrouillage incrémentiel",
 "bruteForceProtectionLockTimes":"Temps de verrouillage incrémentiel",
+"bruteForceProtectionMaxAge":"Age maximum des échecs",
 "bruteForceProtectionMaxFailed":"Nombre d'échecs de connexion autorisés",
+"bruteForceProtectionMaxLockTime":"Temps maximum de verrouillage",
 "bruteForceProtectionTempo":"Temps de verrouillage",
 "cancel":"Annuler",
 "captcha_login_enabled":"Activation dans le formulaire d'authentification",

lemonldap-ng-manager/site/htdocs/static/languages/it.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"Attivazione",
 "bruteForceProtectionIncrementalTempo":"Incremental lock",
 "bruteForceProtectionLockTimes":"Incremental lock times",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"Allowed failed logins",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"Lock time",
 "cancel":"Cancella",
 "captcha_login_enabled":"Attivazione nel modulo di login",

lemonldap-ng-manager/site/htdocs/static/languages/pl.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"Aktywacja",
 "bruteForceProtectionIncrementalTempo":"Blokada przyrostowa",
 "bruteForceProtectionLockTimes":"Przyrostowe czasy blokady",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"Dozwolone nieudane logowania",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"Czas blokady",
 "cancel":"Anuluj",
 "captcha_login_enabled":"Aktywacja w formularzu logowania",

lemonldap-ng-manager/site/htdocs/static/languages/tr.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"Aktivasyon",
 "bruteForceProtectionIncrementalTempo":"Artan gecikme",
 "bruteForceProtectionLockTimes":"Artan gecikme zamanı",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"İzin verilen başarısız girişler",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"Kilit süresi",
 "cancel":"İptal Et",
 "captcha_login_enabled":"Giriş formunda aktivasyon",

lemonldap-ng-manager/site/htdocs/static/languages/vi.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"Kích hoạt",
 "bruteForceProtectionIncrementalTempo":"Incremental lock",
 "bruteForceProtectionLockTimes":"Incremental lock times",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"Allowed failed logins",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"Lock time",
 "cancel":"Hủy",
 "captcha_login_enabled":"Kích hoạt ở dạng đăng nhập",

lemonldap-ng-manager/site/htdocs/static/languages/zh.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"激活",
 "bruteForceProtectionIncrementalTempo":"Incremental lock",
 "bruteForceProtectionLockTimes":"Incremental lock times",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"Allowed failed logins",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"Lock time",
 "cancel":"取消",
 "captcha_login_enabled":" 登录激活",

lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json

@@ -126,7 +126,9 @@
 "bruteForceProtection":"啟用",
 "bruteForceProtectionIncrementalTempo":"增量鎖",
 "bruteForceProtectionLockTimes":"增量鎖時間",
+"bruteForceProtectionMaxAge":"Maximum age",
 "bruteForceProtectionMaxFailed":"允許的失敗登入",
+"bruteForceProtectionMaxLockTime":"Maximum lock time",
 "bruteForceProtectionTempo":"鎖時間",
 "cancel":"取消",
 "captcha_login_enabled":"在登入表單中啟用",

lemonldap-ng-manager/t/80-attributes.t

@@ -39,7 +39,6 @@ my @notManagedAttributes = (
 
     # Plugins parameters
     'notificationsMaxRetrieve',   'persistentSessionAttributes',
-    'bruteForceProtectionMaxAge', 'bruteForceProtectionMaxLockTime',
 
     # PSGI/CGI protection (must be set in lemonldap-ng.ini)
     'protection',

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm

@@ -7,7 +7,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
   PE_WAIT
 );
 
-our $VERSION = '2.0.12';
+our $VERSION = '2.0.14';
 
 extends 'Lemonldap::NG::Portal::Main::Plugin';
 
@@ -56,6 +56,7 @@ sub init {
         return 0;
     }
 
+    my $maxAge = $self->conf->{bruteForceProtectionMaxAge} || 300;
     if ( $self->conf->{bruteForceProtectionIncrementalTempo} ) {
         my $lockTimes = @{ $self->lockTimes } =
           sort { $a <=> $b }
@@ -87,14 +88,13 @@ sub init {
             $lockTimes = $self->conf->{failedLoginNumber};
         }
 
-        my $sum = $self->conf->{bruteForceProtectionMaxAge} *
+        my $sum =
-          ( 1 + $self->conf->{failedLoginNumber} - $lockTimes );
+          $maxAge * ( 1 + $self->conf->{failedLoginNumber} - $lockTimes );
         $sum += $_ foreach @{ $self->lockTimes };
         $self->maxAge($sum);
     }
     else {
-        $self->maxAge( $self->conf->{bruteForceProtectionMaxAge} *
+        $self->maxAge( $maxAge * ( 1 + $self->maxFailed ) );
-              ( 1 + $self->maxFailed ) );
     }
 
     return 1;