forked from ZwiiCMS-Team/ZwiiCMS
10.2.dev12 sécurité de la conenxion au compte
parent
9c94e84d82
commit
0d68f00710
@ -35,15 +35,11 @@ class common {
|
||||
const THUMBS_SEPARATOR = 'mini_';
|
||||
const THUMBS_WIDTH = 640;
|
||||
|
||||
// Contrôle d'édition temps max en secondes.
|
||||
// Contrôle d'édition temps max en secondes avant déconnexion 30 minutes
|
||||
const ACCESS_TIMER = 1800;
|
||||
// Nombre d'essais
|
||||
const CONNECT_ATTEMPT = 3;
|
||||
// Temps mort
|
||||
const CONNECT_TIMEOUT = 1800;
|
||||
|
||||
// Numéro de version
|
||||
const ZWII_VERSION = '10.2.00.dev11';
|
||||
const ZWII_VERSION = '10.2.00.dev12';
|
||||
const ZWII_UPDATE_CHANNEL = "v10";
|
||||
|
||||
public static $actions = [];
|
||||
@ -1314,6 +1310,8 @@ class common {
|
||||
// Version 10.2.00
|
||||
if ($this->getData(['core', 'dataVersion']) < 10200) {
|
||||
$this->deleteData(['admin','colorButtonText']);
|
||||
$this->setData(['config', 'connect', 'attempt',3]);
|
||||
$this->setData(['config', 'connect', 'timeout',10]);
|
||||
$this->setData(['core', 'dataVersion', 10200]);
|
||||
}
|
||||
}
|
||||
|
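Review bot: The migration line `$this->setData(['config', 'connect', 'timeout',10]);` stores 10, but the login check on this page adds that value to a `time()` timestamp, so it is read as seconds. Upgraded sites therefore get a 10-second lockout in place of the previous `CONNECT_TIMEOUT = 1800`, which leaves password guessing almost unthrottled until an administrator saves the configuration form. 10 is also not a key of `$connectTimeout` (0, 120 … 600), so the select has no matching entry; store a listed value instead, e.g. `$this->setData(['config', 'connect', 'timeout', 600]);`. Since the first hunk deletes `CONNECT_ATTEMPT` and `CONNECT_TIMEOUT`, any remaining `self::CONNECT_*` reference outside the visible hunks would now fail and should be checked.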
@ -165,7 +165,22 @@ class config extends common {
|
||||
'tls' => 'START TLS',
|
||||
'ssl' => 'SSL/TLS'
|
||||
];
|
||||
|
||||
// Sécurité de la connexion - tentative max avant blocage
|
||||
public static $connectAttempt = [
|
||||
999 => 'Aucun',
|
||||
3 => '3 tentatives',
|
||||
5 => '5 tentatives',
|
||||
10=> '10 tentatives'
|
||||
];
|
||||
// Sécurité de la connexion - durée du blocage
|
||||
public static $connectTimeout = [
|
||||
0 => 'Aucun',
|
||||
120 => '2 minutes',
|
||||
240 => '4 minutes',
|
||||
360 => '6 minutes',
|
||||
480 => '8 minutes',
|
||||
600 => '10 minutes'
|
||||
];
|
||||
public function generateFiles() {
|
||||
// Mettre à jour le site map
|
||||
$successSitemap=$this->createSitemap();
|
||||
@ -438,6 +453,10 @@ class config extends common {
|
||||
'username' => $this->getInput('configSmtpUsername',helper::FILTER_STRING_SHORT),
|
||||
'password' =>helper::encrypt($this->getData(['config','smtp','username']),$this->getInput('configSmtpPassword')),
|
||||
'sender' => $this->getInput('configSmtpSender',helper::FILTER_MAIL)
|
||||
],
|
||||
'connect' => [
|
||||
'attempt' => $this->getInput('configConnectAttempt',helper::FILTER_INT),
|
||||
'timeout' => $this->getInput('configConnectTimeout',helper::FILTER_INT),
|
||||
]
|
||||
]
|
||||
]);
|
||||
|
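Review bot: `configConnectAttempt` and `configConnectTimeout` are saved after `helper::FILTER_INT` only, so any integer in the POST body is accepted, not just the keys of `$connectAttempt` and `$connectTimeout`. A negative, zero or very large value would silently change or disable the login lockout; check the value before storing it, e.g. `if (!array_key_exists($attempt, self::$connectAttempt)) { $attempt = 3; }`, and the same for the timeout. The two arrays also need a comment stating that the `$connectTimeout` keys are seconds and that `999` and `0` switch the protection off, because the login code uses these numbers directly. The enclosing method starts and ends outside the hunk.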
@ -348,6 +348,28 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="col12">
|
||||
<div class="block">
|
||||
<h4>Connexion</h4>
|
||||
<div class="row">
|
||||
<div class="col4">
|
||||
<?php echo template::select('configConnectAttempt', $module::$connectAttempt , [
|
||||
'label' => 'Echecs avant blocage',
|
||||
'selected' => $this->getData(['config', 'connect', 'attempt'])
|
||||
]); ?>
|
||||
</div>
|
||||
<div class="col4">
|
||||
<?php echo template::select('configConnectTimeout', $module::$connectTimeout , [
|
||||
'label' => 'Durée du blocage',
|
||||
'selected' => $this->getData(['config', 'connect', 'timeout'])
|
||||
]); ?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col12">
|
||||
<div class="block">
|
||||
|
@ -333,10 +333,10 @@ class user extends common {
|
||||
if($this->isPost()) {
|
||||
$userId = $this->getInput('userLoginId', helper::FILTER_ID, true);
|
||||
// Contrôle du time out
|
||||
if ( $this->getData(['user',$userId,'connectTimeout']) + self::CONNECT_TIMEOUT > time() &&
|
||||
$this->getData(['user',$userId,'connectFail']) > self::CONNECT_ATTEMPT ) {
|
||||
if ( $this->getData(['user',$userId,'connectTimeout']) + $this->getData(['config', 'connect', 'timeout']) > time() &&
|
||||
$this->getData(['user',$userId,'connectFail']) > $this->getData(['config', 'connect', 'attempt']) ) {
|
||||
$this->addOutput([
|
||||
'notification' => 'Accès bloqué pour ' . self::CONNECT_TIMEOUT . ' minutes'
|
||||
'notification' => 'Accès bloqué pour ' . $this->getData(['config', 'connect', 'timeout']) . ' minutes'
|
||||
]);
|
||||
}
|
||||
// Connexion si les informations sont correctes
|
||||
@ -378,10 +378,10 @@ class user extends common {
|
||||
$this->setData(['user',$userId,'connectFail',$this->getdata(['user',$userId,'connectFail']) + 1 ]);
|
||||
}
|
||||
// Mettre à jour le timer
|
||||
if ( $this->getdata(['user',$userId,'connectFail']) > self::CONNECT_ATTEMPT) {
|
||||
$notification = 'Trop de tentatives, accès bloqué durant ' . self::CONNECT_TIMEOUT / 360 . ' minutes après chaque tentative infructueuse';
|
||||
if ( $this->getdata(['user',$userId,'connectFail']) > $this->getData(['config', 'connect', 'attempt'])) {
|
||||
$notification = 'Trop de tentatives, accès bloqué durant ' . $this->getData(['config', 'connect', 'timeout']) . ' minutes.';
|
||||
// Ne pas incrémenter le timer si actif
|
||||
if ($this->getData(['user',$userId,'connectTimeout']) + self::CONNECT_TIMEOUT < time() ) {
|
||||
if ($this->getData(['user',$userId,'connectTimeout']) + $this->getData(['config', 'connect', 'timeout']) < time() ) {
|
||||
$this->setData(['user',$userId,'connectTimeout', time()]);
|
||||
}
|
||||
} else {
|
||||
|
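Review bot: Both new messages append `' minutes'` to `config.connect.timeout`, which is compared against `time()` and so holds seconds; a 10-minute block is announced as "600 minutes". Print `($this->getData(['config', 'connect', 'timeout']) / 60) . ' minutes'` instead. The test `connectFail > $this->getData(['config', 'connect', 'attempt'])` also starts blocking only after one more failure than the configured number; `>=` would match the "3 tentatives" label. If `getData` returns null for a missing `config.connect` key (not visible here), the window is zero and the block never applies, so a fallback such as `?? 600` is safer than failing open. In the visible lines the first `if` only adds a notification; whether the login is actually refused is decided outside the hunk and should be confirmed.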