mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-21 01:25:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added login rate throttling

Browse source
This commit is contained in:
Jan Böhmer 2023-02-11 21:55:24 +01:00
parent d03586d9d5
commit 03e52bf598
6 changed files with 175 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
.env
View file

@ -93,3 +93,10 @@ APP_SECRET=a03498528f5a5fc089273ec9ae5b2849
# Set the trusted IPs here, when using an reverse proxy # Set the trusted IPs here, when using an reverse proxy
#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 #TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
#TRUSTED_HOSTS='^(localhost|example\.com)$' #TRUSTED_HOSTS='^(localhost|example\.com)$'
###> symfony/lock ###
# Choose one of the stores below
# postgresql+advisory://db_user:db_password@localhost/db_name
LOCK_DSN=flock
###< symfony/lock ###

1
composer.json
View file

@ -56,6 +56,7 @@
"symfony/property-access": "5.4.*", "symfony/property-access": "5.4.*",
"symfony/property-info": "5.4.*", "symfony/property-info": "5.4.*",
"symfony/proxy-manager-bridge": "5.4.*", "symfony/proxy-manager-bridge": "5.4.*",
"symfony/rate-limiter": "5.4.*",
"symfony/runtime": "5.4.*", "symfony/runtime": "5.4.*",
"symfony/security-bundle": "5.4.*", "symfony/security-bundle": "5.4.*",
"symfony/serializer": "5.4.*", "symfony/serializer": "5.4.*",

151
composer.lock generated
View file

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"content-hash": "433a25b4df056e2a121ed5cbf442b172", "content-hash": "e47c89f8ce9652159ba8f31ce86e53fd",
"packages": [ "packages": [
{ {
"name": "beberlei/assert", "name": "beberlei/assert",
@ -8170,6 +8170,85 @@
], ],
"time": "2023-01-11T13:51:47+00:00" "time": "2023-01-11T13:51:47+00:00"
}, },
{
"name": "symfony/lock",
"version": "v5.4.19",
"source": {
"type": "git",
"url": "https://github.com/symfony/lock.git",
"reference": "14b8dfe4df7c3e59e2d3e6a0dd50bb2101eced08"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/lock/zipball/14b8dfe4df7c3e59e2d3e6a0dd50bb2101eced08",
"reference": "14b8dfe4df7c3e59e2d3e6a0dd50bb2101eced08",
"shasum": ""
},
"require": {
"php": ">=7.2.5",
"psr/log": "^1|^2|^3",
"symfony/deprecation-contracts": "^2.1|^3",
"symfony/polyfill-php80": "^1.16"
},
"conflict": {
"doctrine/dbal": "<2.13"
},
"require-dev": {
"doctrine/dbal": "^2.13|^3.0",
"predis/predis": "~1.0"
},
"type": "library",
"autoload": {
"psr-4": {
"Symfony\\Component\\Lock\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Jérémy Derussé",
"email": "jeremy@derusse.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Creates and manages locks, a mechanism to provide exclusive access to a shared resource",
"homepage": "https://symfony.com",
"keywords": [
"cas",
"flock",
"locking",
"mutex",
"redlock",
"semaphore"
],
"support": {
"source": "https://github.com/symfony/lock/tree/v5.4.19"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2023-01-01T08:32:19+00:00"
},
{ {
"name": "symfony/mailer", "name": "symfony/mailer",
"version": "v5.4.19", "version": "v5.4.19",
@ -9847,6 +9926,76 @@
], ],
"time": "2022-11-28T22:46:34+00:00" "time": "2022-11-28T22:46:34+00:00"
}, },
{
"name": "symfony/rate-limiter",
"version": "v5.4.19",
"source": {
"type": "git",
"url": "https://github.com/symfony/rate-limiter.git",
"reference": "0518d49441e74c89d30d1a40ab3af850533cd775"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/rate-limiter/zipball/0518d49441e74c89d30d1a40ab3af850533cd775",
"reference": "0518d49441e74c89d30d1a40ab3af850533cd775",
"shasum": ""
},
"require": {
"php": ">=7.2.5",
"symfony/lock": "^5.2|^6.0",
"symfony/options-resolver": "^5.1|^6.0"
},
"require-dev": {
"psr/cache": "^1.0|^2.0|^3.0"
},
"type": "library",
"autoload": {
"psr-4": {
"Symfony\\Component\\RateLimiter\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Wouter de Jong",
"email": "wouter@wouterj.nl"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Provides a Token Bucket implementation to rate limit input and output in your application",
"homepage": "https://symfony.com",
"keywords": [
"limiter",
"rate-limiter"
],
"support": {
"source": "https://github.com/symfony/rate-limiter/tree/v5.4.19"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2023-01-01T08:32:19+00:00"
},
{ {
"name": "symfony/routing", "name": "symfony/routing",
"version": "v5.4.19", "version": "v5.4.19",

2
config/packages/lock.yaml Normal file
View file

@ -0,0 +1,2 @@
framework:
lock: '%env(LOCK_DSN)%'

3
config/packages/security.yaml
View file

@ -26,7 +26,8 @@ security:
check_path: 2fa_login_check check_path: 2fa_login_check
enable_csrf: true enable_csrf: true
login_throttling:
max_attempts: 5 # per minute
# https://symfony.com/doc/current/security/form_login_setup.html # https://symfony.com/doc/current/security/form_login_setup.html
form_login: form_login:

12
symfony.lock
View file

@ -533,6 +533,18 @@
"symfony/intl": { "symfony/intl": {
"version": "v4.2.3" "version": "v4.2.3"
}, },
"symfony/lock": {
"version": "5.4",
"recipe": {
"repo": "github.com/symfony/recipes",
"branch": "main",
"version": "5.2",
"ref": "8e937ff2b4735d110af1770f242c1107fdab4c8e"
},
"files": [
"./config/packages/lock.yaml"
]
},
"symfony/mailer": { "symfony/mailer": {
"version": "5.4", "version": "5.4",
"recipe": { "recipe": {