author | Marvin Borner | 2019-04-13 19:17:00 +0200 |
---|---|---|
committer | Marvin Borner | 2019-04-13 19:17:00 +0200 |
commit | 407cd889cada0154faaa06ff4372e237cf260cf7 (patch) | |
tree | 29a7d54576a2872d4fd735022fc3a477ff96d0c3 /src/main/kotlin/App.kt | |
parent | a1e2fe500b3d3947d05e16698488f99e49f29847 (diff) |
Added live counter for brute force detection
Diffstat (limited to 'src/main/kotlin/App.kt')
-rw-r--r-- | src/main/kotlin/App.kt | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/src/main/kotlin/App.kt b/src/main/kotlin/App.kt
index a958479..ce964e0 100644
--- a/src/main/kotlin/App.kt
+++ b/src/main/kotlin/App.kt
@@ -49,7 +49,7 @@ fun main() {
 */
 get(
 "/login",
- { ctx -> ctx.render("login.rocker.html", model("message", "")) },
+ { ctx -> ctx.render("login.rocker.html", model("message", "", "counter", 0)) },
 roles(Roles.GUEST)
 )
@@ -208,23 +208,32 @@ fun login(ctx: Context) {
 val difference = Interval(it.first.toInstant(), Instant()).toDuration().standardMinutes.toInt()
 if (difference < 60) lastHourAttempts += 1
 }
- val threshold = 4f.pow(lastHourAttempts)
+ val nextThreshold = 4f.pow(lastHourAttempts + 1)
- if (lastAttemptDifference > threshold) {
+ if (lastAttemptDifference > 4f.pow(lastHourAttempts)) {
 if (databaseController.checkUser(username, password)) {
 ctx.cookieStore("uuid", databaseController.getUUID(username))
 ctx.cookieStore("username", username)
- ctx.render("login.rocker.html", model("message", "Login succeeded!"))
+ ctx.render("login.rocker.html", model("message", "Login succeeded!", "counter", 0))
 } else {
 databaseController.loginAttempt(DateTime(), requestIp)
- ctx.render("login.rocker.html", model("message", "Login failed!"))
+ ctx.render(
+ "login.rocker.html",
+ model(
+ "message",
+ "Login failed!",
+ "counter", if (nextThreshold / 60 > 60) 3600 else nextThreshold.toInt()
+ )
+ )
 }
 } else {
 databaseController.loginAttempt(DateTime(), requestIp)
 ctx.render(
 "login.rocker.html",
 model(
- "message", "Please try again in ${if (threshold / 60 > 60) "3600" else threshold.toString()} seconds."
+ "message",
+ "Too many request.",
+ "counter", if (nextThreshold / 60 > 60) 3600 else nextThreshold.toInt()
 )
 )
 } |
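Review bot: The retry cap `if (nextThreshold / 60 > 60) 3600 else nextThreshold.toInt()` is written out twice (failed-login and throttled branches) while the enforced limit `4f.pow(lastHourAttempts)` is now inlined in the `if`, so the countdown shown to the user and the wait actually enforced are tied together only by convention. Naming both once keeps them in step: `val threshold = 4f.pow(lastHourAttempts)` and `val retryAfter = minOf(4f.pow(lastHourAttempts + 1), 3600f).toInt()`, then pass `retryAfter` as `"counter"` in both renders. The throttled message should read `"Too many requests."`. Both non-success branches record the attempt against `requestIp` only, so, as far as this hunk shows, failures for one username arriving from many addresses would not escalate the delay; a per-username failure count alongside the per-address one would cover that. `login`'s body starts and ends outside the hunk, so how `requestIp` and `lastHourAttempts` are derived should be confirmed there.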