10.2.dev12 sécurité de la conenxion au compte

Fred Tempez 2020-05-28 19:03:31 +02:00
parent 9c94e84d82
commit 0d68f00710
4 changed files with 52 additions and 13 deletions


@ -35,15 +35,11 @@ class common {
const THUMBS_SEPARATOR = 'mini_'; const THUMBS_SEPARATOR = 'mini_';
const THUMBS_WIDTH = 640; const THUMBS_WIDTH = 640;
// Contrôle d'édition temps max en secondes. // Contrôle d'édition temps max en secondes avant déconnexion 30 minutes
const ACCESS_TIMER = 1800; const ACCESS_TIMER = 1800;
// Nombre d'essais
const CONNECT_ATTEMPT = 3;
// Temps mort
const CONNECT_TIMEOUT = 1800;
// Numéro de version // Numéro de version
const ZWII_VERSION = '10.2.00.dev11'; const ZWII_VERSION = '10.2.00.dev12';
const ZWII_UPDATE_CHANNEL = "v10"; const ZWII_UPDATE_CHANNEL = "v10";
public static $actions = []; public static $actions = [];
@ -1314,6 +1310,8 @@ class common {
// Version 10.2.00 // Version 10.2.00
if ($this->getData(['core', 'dataVersion']) < 10200) { if ($this->getData(['core', 'dataVersion']) < 10200) {
$this->deleteData(['admin','colorButtonText']); $this->deleteData(['admin','colorButtonText']);
$this->setData(['config', 'connect', 'attempt',3]);
$this->setData(['config', 'connect', 'timeout',10]);
$this->setData(['core', 'dataVersion', 10200]); $this->setData(['core', 'dataVersion', 10200]);
} }
} }
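Review bot: The migration default `timeout` of 10 on the second added `setData` line matches none of the keys in the `$connectTimeout` option list this commit adds to the config module (0, 120 … 600). The login code adds this value to a `time()` stamp, so it is read as seconds. Upgraded sites would get a 10-second lockout, which gives almost no protection against password guessing, and the settings select would have no matching option to mark as selected. Consider `$this->setData(['config', 'connect', 'timeout', 600]);` to keep a 10-minute block. The enclosing update routine starts and ends outside the hunk, so whether fresh installs receive the same defaults is not visible here.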


@ -165,7 +165,22 @@ class config extends common {
'tls' => 'START TLS', 'tls' => 'START TLS',
'ssl' => 'SSL/TLS' 'ssl' => 'SSL/TLS'
]; ];
// Sécurité de la connexion - tentative max avant blocage
public static $connectAttempt = [
999 => 'Aucun',
3 => '3 tentatives',
5 => '5 tentatives',
10=> '10 tentatives'
];
// Sécurité de la connexion - durée du blocage
public static $connectTimeout = [
0 => 'Aucun',
120 => '2 minutes',
240 => '4 minutes',
360 => '6 minutes',
480 => '8 minutes',
600 => '10 minutes'
];
public function generateFiles() { public function generateFiles() {
// Mettre à jour le site map // Mettre à jour le site map
$successSitemap=$this->createSitemap(); $successSitemap=$this->createSitemap();
@ -438,6 +453,10 @@ class config extends common {
'username' => $this->getInput('configSmtpUsername',helper::FILTER_STRING_SHORT), 'username' => $this->getInput('configSmtpUsername',helper::FILTER_STRING_SHORT),
'password' =>helper::encrypt($this->getData(['config','smtp','username']),$this->getInput('configSmtpPassword')), 'password' =>helper::encrypt($this->getData(['config','smtp','username']),$this->getInput('configSmtpPassword')),
'sender' => $this->getInput('configSmtpSender',helper::FILTER_MAIL) 'sender' => $this->getInput('configSmtpSender',helper::FILTER_MAIL)
],
'connect' => [
'attempt' => $this->getInput('configConnectAttempt',helper::FILTER_INT),
'timeout' => $this->getInput('configConnectTimeout',helper::FILTER_INT),
] ]
] ]
]); ]);
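Review bot: The two new `connect` values are saved straight from `getInput(..., helper::FILTER_INT)` without being checked against the keys of `self::$connectAttempt` and `self::$connectTimeout`, so a submitted value outside the offered list (for example a negative timeout, which would make the lockout test in the login code always false) could be stored. What `FILTER_INT` rejects is not visible in this section, so this may already be partly covered. A guard such as `if (!array_key_exists($timeout, self::$connectTimeout)) { $timeout = 600; }` before saving would keep the stored setting within the documented choices. Stating the unit in the comment would also help, e.g. `// Sécurité de la connexion - durée du blocage en secondes`.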


@ -348,6 +348,28 @@
</div> </div>
</div> </div>
</div> </div>
<div class="row">
<div class="col12">
<div class="block">
<h4>Connexion</h4>
<div class="row">
<div class="col4">
<?php echo template::select('configConnectAttempt', $module::$connectAttempt , [
'label' => 'Echecs avant blocage',
'selected' => $this->getData(['config', 'connect', 'attempt'])
]); ?>
</div>
<div class="col4">
<?php echo template::select('configConnectTimeout', $module::$connectTimeout , [
'label' => 'Durée du blocage',
'selected' => $this->getData(['config', 'connect', 'timeout'])
]); ?>
</div>
</div>
</div>
</div>
</div>
<div class="row"> <div class="row">
<div class="col12"> <div class="col12">
<div class="block"> <div class="block">


@ -333,10 +333,10 @@ class user extends common {
if($this->isPost()) { if($this->isPost()) {
$userId = $this->getInput('userLoginId', helper::FILTER_ID, true); $userId = $this->getInput('userLoginId', helper::FILTER_ID, true);
// Contrôle du time out // Contrôle du time out
if ( $this->getData(['user',$userId,'connectTimeout']) + self::CONNECT_TIMEOUT > time() && if ( $this->getData(['user',$userId,'connectTimeout']) + $this->getData(['config', 'connect', 'timeout']) > time() &&
$this->getData(['user',$userId,'connectFail']) > self::CONNECT_ATTEMPT ) { $this->getData(['user',$userId,'connectFail']) > $this->getData(['config', 'connect', 'attempt']) ) {
$this->addOutput([ $this->addOutput([
'notification' => 'Accès bloqué pour ' . self::CONNECT_TIMEOUT . ' minutes' 'notification' => 'Accès bloqué pour ' . $this->getData(['config', 'connect', 'timeout']) . ' minutes'
]); ]);
} }
// Connexion si les informations sont correctes // Connexion si les informations sont correctes
@ -378,10 +378,10 @@ class user extends common {
$this->setData(['user',$userId,'connectFail',$this->getdata(['user',$userId,'connectFail']) + 1 ]); $this->setData(['user',$userId,'connectFail',$this->getdata(['user',$userId,'connectFail']) + 1 ]);
} }
// Mettre à jour le timer // Mettre à jour le timer
if ( $this->getdata(['user',$userId,'connectFail']) > self::CONNECT_ATTEMPT) { if ( $this->getdata(['user',$userId,'connectFail']) > $this->getData(['config', 'connect', 'attempt'])) {
$notification = 'Trop de tentatives, accès bloqué durant ' . self::CONNECT_TIMEOUT / 360 . ' minutes après chaque tentative infructueuse'; $notification = 'Trop de tentatives, accès bloqué durant ' . $this->getData(['config', 'connect', 'timeout']) . ' minutes.';
// Ne pas incrémenter le timer si actif // Ne pas incrémenter le timer si actif
if ($this->getData(['user',$userId,'connectTimeout']) + self::CONNECT_TIMEOUT < time() ) { if ($this->getData(['user',$userId,'connectTimeout']) + $this->getData(['config', 'connect', 'timeout']) < time() ) {
$this->setData(['user',$userId,'connectTimeout', time()]); $this->setData(['user',$userId,'connectTimeout', time()]);
} }
} else { } else {
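Review bot: The lockout messages now print the stored setting followed by ' minutes', but the values offered in the config module are seconds (120 => '2 minutes' … 600 => '10 minutes') and the same value is added to a `time()` stamp, so a 10-minute block would be announced as 600 minutes. Both notifications (the 'Accès bloqué pour' one in the first hunk and the 'Trop de tentatives' one in the second) should convert the value, e.g. `. ($this->getData(['config', 'connect', 'timeout']) / 60) . ' minutes'`. Separately, the comparisons use `>` against `'attempt'`, so the block starts one failure later than the configured count; `>=` would match the '3 tentatives' label. In the first hunk the timeout check only adds a notification; whether the credential check that follows is skipped while the block is active lies outside the hunk and is worth confirming.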